Records Management & Information Governance Lead

Job description

Job responsibilities

The Records Management & Information Governance Lead will direct the overall management and planning of this function, reviewing, updating and implementing systems and processes to deliver compliance across all of the HTAs activities.

The postholder will provide leadership and expert advice on records management and information governance across the organisation and will play a key role in the development of a robust framework that embeds best practice and delivers compliance with relevant national standards.

The postholder must have previous experience of working in a Healthcare Environment. They will have sound knowledge and experience in all areas of IG, particularly UK GDPR/Data Protection 2018 and other relevant legislation such as Access to Healthcare Records Act 1990, Freedom of Information (FOI) and Environmental Information Regulation (EIR).

Key responsibilities

• Provide leadership and expert strategic, tactical and operational advice and guidance on records management and information governance across the HTA.
• The postholder will be professionally responsible for the provision of advice and the delivery of systems for Records Management and Information Governance that meet national standards.
• Provide expert advice to the HTA on all aspects of Data Protection and Data Protection Impact Assessments and lead on the delivery of required policies and procedures.
• To act as the Data Protection Officer
• Provide expert advice to the HTA ensuring legal aspects of records management are considered and adhered to in the management of electronic and remaining paper records.
• The postholder is responsible for ensuring risk in respect of records management and data quality is recorded and managed across the HTA

General

• To actively support to the HTA on business planning, business process change and change management relating to Records Management and Information Governance
• Keep up to date with new developments/changes of legislation within the Records Management arena to maintain currency of subject matter expertise and ensure HTA policies and processes are maintained and kept up to dat
• To lead the development, management and implementation of the HTAs records management and information governance work programme incorporating information quality assurance, Data Protection, confidentiality, and information security.
• To manage and maintain processes and procedures to support Subject Access Requests from third parties.
• To oversee the completion of required audits of systems, processes and returns in line with national standards and programmes.
• To produce quarterly and an annual report on compliance against the work programme and compliance against national standards including the adequacy of controls and assurance arrangements and the identification of any areas of concern.
• To lead and co-ordinate the HTAs response to the Data Security and Protection Toolkit including annual action plans, collation of evidence and complete submissions as required via the portal. The role will work closely with the IT function on all aspects of information security.
• Provide expert advice and operational delivery to all areas of IG including information sharing and transfer, legislation, training, Subject Access Requests, IG incidents, DPIAs and records management balancing between IG and operational requirements.
• To be able to translate the complex requirements of legislation into comprehensible operational advice and guidance for the HTA and its functions.
• To maintain awareness of changes to data protection legislation and Health and Social Care standards, in particular how it may affect the HTA.
• To review Data Protection Impact Assessments and Data Sharing Agreements and provide recommendations on opportunities for improvement and any gaps in controls as part of regular reporting
• Escalating any issues of non-compliance with legislation to the Director of Data, Technology & Development and proposals for solutions.
• To investigate and support the SIRO with any incidents of breaches in information and records management policies including data protection and confidentiality.

Education/Qualification

Essential

• First degree and/or equivalent experience

Desirable

• IAPP accredited privacy qualification (CIPM, CIPP/E)
• GDPR Practitioner Certificate

Experience

Essential

• In depth experience of delivering a full IG function across an organization including information sharing and transfer, legislation, training, FOI, Subject Access requests, IG incidents, IG risk and records management.
• Experience of developing and reviewing information sharing and transfer agreements
• Experience of working with the Data Security & Protection Toolkit (DSPT)
• Experience of working as a Senior IG Officer or lead for Information Governance
• Has detailed knowledge of relevant corporate, professional and/or legal standards.
• Has excellent and in-depth knowledge of wide areas of IG legislation, concepts and practices. Can plan, schedule and monitor work, within set targets, for small dedicated teams.
• Experience of staff management or can demonstrate ability to lead team members directly or indirectly.

Desirable

• Experience of working with and across a number of agencies including the Information Commissioners' Office (ICO)
• Experience of acting as a DPO

Skills and Knowledge

Essential

• Knowledge of information governance legal and national regulatory requirements, including the General Data Protection Regulation and the Data Protection Act, Freedom of Information/Environmental Information Regulation and Access to Health Records Acts
• Able to provide evidence of where you have demonstrated the HTA's Values and Behaviours
• Able to demonstrate excellence in Customer Service and promotes partnership and collaborative working within teams
• Able to meet the required IT Skills for the post
• Encourages rigour and provides critical challenge in determining outcomes

*Salary - the right candidate can expect to be appointed at the starting point of the band

Person Specification

Experience

Essential

• In depth experience of delivering a full IG function across an organization including information sharing and transfer, legislation, training, FOI, Subject Access requests, IG incidents, IG risk and records management.
• Experience of developing and reviewing information sharing and transfer agreements
• Experience of working with the Data Security & Protection Toolkit (DSPT)
• Experience of working as a Senior IG Officer or lead for Information Governance
• Has detailed knowledge of relevant corporate, professional and/or legal standards.
• Has excellent and in-depth knowledge of wide areas of IG legislation, concepts and practices. Can plan, schedule and monitor work, within set targets, for small dedicated teams.
• Experience of staff management or can demonstrate ability to lead team members directly or indirectly.

Desirable

• Experience of working with and across a number of agencies including the Information Commissioners' Office (ICO)
• Experience of acting as a DPO

Skills & Knowledge

Essential

• Knowledge of information governance legal and national regulatory requirements, including the General Data Protection Regulation and the Data Protection Act, Freedom of Information/Environmental Information Regulation and Access to Health Records Acts
• Able to provide evidence of where you have demonstrated the HTA's Values and Behaviours
• Able to demonstrate excellence in Customer Service and promotes partnership and collaborative working within teams
• Able to meet the required IT Skills for the post
• Encourages rigour and provides critical challenge in determining outcomes

Qualifications

Essential

• First degree and/or equivalent experience

Desirable

• IAPP accredited privacy qualification (CIPM, CIPP/E)
• GDPR Practitioner Certificate

Employer details

Employer name

Human Tissue Authority

Address

2 Redman Place

Stratford

London

E20 1JQ

Employer's website

https://www.hta.gov.uk/ (Opens in a new tab)