Privacy and Risk Manager

This job is brought to you by Jobs/Redefined, the UK's leading over-50s age inclusive jobs board.

South London and Maudsley NHS Foundation Trust has a rich history, well-established community links and an international reputation. We deliver specialist services in the London boroughs of Croydon, Lambeth, Lewisham and Southwark, Bexley, Bromley, Greenwich, Wandsworth and Richmond.

We are committed to provide a high quality and specialist care to our service users and we are recognised for our care and treatment we provide. The Care Quality Commission already rates our services as 'good'.

We launched our five-year strategy, Aiming High; Changing Lives in 2021 together with Our Care Improvement System as our quality management system methodology to make a positive impact on patient care, outcomes and staff experience. By joining SLaM, all staff will get the opportunity to be part of this exciting improvement journey supported with learning and development to harness everyone's potential as change makers.

The trust recognises the unique and valuable contribution that people with lived experience of mental illness can bring to a role. We therefore welcome applications from people with lived experience and consider them as an asset to the Trust.

Our Values

We take pride in providing specialist care to our service users where our Trust values and our promise to be caring, kind, polite, prompt, honest, listen and do what I say I'm going to do is at the heart of everything we do. When you join us, you'll be part of something special.

As a Trust we are happy to talk flexible working.

Job overview

The key objective of this role is to provide data security assurance by undertaking Data Protection Impact Assessment and assurance for existing and upcoming service, application, system developments across the Trust and in key partnerships. The post holder will be responsible for the Trust's compliance with privacy and data protection principles and champion patient and public privacy across the organisation with an enabling and supportive approach.

The post holder will be an enthusiastic data privacy and risk practitioner, self-motivated, innovative professional with good understanding of patient confidentiality, privacy, data security, social media and digital health applications in health and social care services with a satisfactory track record of monitoring compliance with the Data Protection and health and social care information governance standards.

The post holder will be expected to assess current and upcoming developments, including service designs, technical and innovative digital developments and applications for privacy impact and compliance with national information governance standards.

Career

We are committed to get the very best out of our staff and support staff in their career aspirations. We have career pathways available, where you will be able to develop your skills and build on your experience to progress into other roles across different specialties. In addition, we offer ongoing training and development in conjunction with the BCS membership.

Main duties of the job

• Lead a privacy by design approach by assessing and managing privacy design, impact and outcome of existing and upcoming service, application, system developments across the Trust and in key partnerships.
• Develop, implement and monitor data processing agreements, data sharing agreements; data transfer agreements and non-disclosure agreements.
• Manage the Information Security Committee to include management of action plan
• Co-ordinate, negotiate and influence design of existing and upcoming service, applications, system developments across the Trust and in key partnerships to enhance privacy
• Develop, design, co-ordinate dissemination of privacy notices that are clear, concise and in line with Data Protection Principles
• Manage Data Protection impact assessments ensuring delivery of the agreed actions through liaison with the stakeholders in order to provide the Trust via the Head of Information Governance and the CDIO adequate privacy assurance.
• Undertaking assurance and compliance work to support GDE projects.
• Support the Head of IG in collaborative work with the SLP and the STPs
• Ensure monitoring and review of IG Policies
• Manage Incident process, including monitoring Datix, giving advice and escalating serious incidents to the IG Operations Lead

Working for our organisation

About the team:

We are looking to recruit a dynamic, efficient and reliable person to our Information Governance team into the role of Privacy and Risk Manager - Band 7 to implement and actively monitor the Trust's compliance with privacy and data protection principles and champion patient and public privacy across the organisation with an enabling and supportive approach.

About the location:

Our Trust headquarters is located at Denmark Hill less than 5 minutes from the train station (zone 2). We also provide services and operate across other locations, such as London boroughs of Croydon, Lambeth, Lewisham and Southwark; and substance misuse services for residents of Bexley, Lambeth, Greenwich and Wandsworth.

Detailed job description and main responsibilities

• Lead a privacy by design approach by assessing and managing privacy design, impact and outcome of existing and upcoming service, application, system developments across the Trust and in key partnerships.
• Develop, implement and monitor data processing agreements, data sharing agreements; data transfer agreements and non-disclosure agreements.
• Manage the Information Security Committee to include management of action plan
• Co-ordinate, negotiate and influence design of existing and upcoming service, applications, system developments across the Trust and in key partnerships to enhance privacy
• Develop, design, co-ordinate dissemination of privacy notices that are clear, concise and in line with Data Protection Principles
• Manage Data Protection impact assessments ensuring delivery of the agreed actions through liaison with the stakeholders in order to provide the Trust via the Head of Information Governance and the CDIO adequate privacy assurance.
• Undertaking assurance and compliance work to support GDE projects.
• Support the Head of IG in collaborative work with the SLP and the STPs
• Ensure monitoring and review of IG Policies
• Manage Incident process, including monitoring Datix, giving advice and escalating serious incidents to the IG Operations Lead
• Support the Head of Information Governance and the IG Operations Lead in the development, delivery and management of the Trust's IG function with a vision to empower service users, support clinicians, enable research, improve productivity and support organisational performance.
• Support the Head of Information Governance, the Caldicott Guardian and the Chief Digital Information Officer/SIRO for the successful delivery of the Information Governance Action Plan
• Provide a deputy function to cover the responsibilities of the Information Governance Privacy and Risk and IG Operations Leads and when required.
• The Trust encourages and welcomes applications from people with lived experience of mental health challenges. We see this as valuable and recognise the positive impact this experience can have on the work we do.

Person specification

Qualifications

Essential criteria

• Educated to Degree level or equivalent experience, plus additional specialist knowledge
• Evidence of professional/managerial development

Desirable criteria

• Prince 2, Agile or other Project Management methodologies

Skills and Knowledge

Essential criteria

• Relevant experience in ad hoc data queries / reports to meet the business needs of the organisation including clinical data quality, performance management and reporting issues
• The facilitation of a customer focussed culture within a team
• Knowledge of national data sets and their application
• Excellent written, verbal, and other media communications /Presentation skills
• A logical and sensible approach to problem solving
• Have the ability to organise and prioritise their workload, and be able to work under pressure
• Negotiation, influencing and persuading skills
• Ability to express complex issues, both orally and in writing in an easily understood manner for a range of audiences
• Pro-active and self-motivated in completing work to a high standard in conjunction with other staff
• Excellent team skills and ability to work with members of own and other teams and departments at all levels of the organisation.
• Specialist knowledge and clear understanding and experience of working in accordance with information governance standards operating to high ethical and quality standards at all times
• Thorough knowledge and understanding of the Data Protection Act (2018) and the Freedom of Information Act (2000)
• Good knowledge and understanding of Information Security and risk
• Knowledge and good understanding of the Information Governance Toolkit
• Experience of undertaking standards, procedures and policies reviews.
• Experience of full range of Microsoft packages
• Excellent numeracy skills including the ability to undertake statistical analysis and to interpret data
• Thorough knowledge and experience of privacy by design

Desirable criteria

• Knowledge of mental health services
• Use of ITIL in a work environment
• Ability to gain commitment from Digital Services to becoming active participants in internal reviews
• To analyse and apply user information to Digital Services problem solving
• Relevant expertise in latest digital tech with a can-do and digital-first attitude

The Trust is committed to providing services which embrace diversity and that promote equality of opportunity. We are a Disability Confident Employer, we welcome applicants from all sections of the community and people of all protected characteristics. We provide reasonable adjustments for candidates with a disability and are committed to treating people fairly with compassion, respect and dignity and in promoting equality and human rights. We aim to put this commitment into practice by:

• Embedding our commitment to tackling inequality, eliminating discrimination and harassment; promoting equality of opportunity and fostering good relations in our everyday practice
• Ensuring that all our services and all staff understand and support our commitment
• We believe that people who use our services, their carers and our staff, should be treated with compassion, respect and dignity

Please note:

• That all applications for this post will need to be made online
• That you read and understand the Job Description and Personal Specification attached to the role. Your Statement in Support should reflect the requirements specified as your application will be judged against these criteria
• That the closing date listed is a guide only and that the vacancy may close earlier should sufficient number of applicants have been received. We advise that you submit your application as early as possible
• That once you have submitted your application you agree to your application being transferred to a 3rd party e-recruitment system. All subsequent information regarding your application will be generated from apps.trac.jobs
• That should you not have heard from us within three weeks from the closing date your application has not successful
• That priority consideration for applications may be given to at-risk NHS employees
• That should you be successful and appointed, you authorise South London and Maudsley NHS Foundation Trust to confirm your previous NHS service via an Inter Authority Transfer (IAT) process
• That we are a smoke-free Trust

SLaM is a Stonewall Diversity Champion , Stonewall is the largest Lesbian, Gay, Bi and Trans (LGBT) rights charity in Europe'

Employer certification / accreditation badges

Documents to download

• Privacy and Risk Manager (PDF, 472.4KB)
• SLaM Staff Benefits (PDF, 1.1MB)
• Happy to Talk Flexible Working (PDF, 680.1KB)