22 days ago
Great opportunity to join this Public Sector client in East Sussex, who is looking to recruit an experienced Interim Head of Information Management (Senior Manager and Information Governance professional), who can lead the Information Management team, and act as Data Protection Officer whilst also advising Chief Officers on a sustainable future model for resourcing Information Management.
The post-holder will work closely with the Head of Corporate Development and other senior stakeholders to understand the future needs of the organisation and ensure that they have the correct structures and resources in place to deliver their obligations under GDPR and to improve the way that the organisation manages Information.
This is an exciting opportunity to shape the organisations approach to Information Management and improve the service to the public. They are looking for someone who is pro-active and can hit the ground running.
What you’ll be doing
To develop and direct the delivery of the Information Management strategy, resources and functions to effectively manage the organisations Information assets, supporting regional collaboration and ensuring that the statutory obligations are effectively and lawfully discharged
To perform the role of Data Protection Officer, overseeing and directing all data protection and related Information privacy activities, to ensure the proper handling of personal Information to comply with data protection legislation.
- Develop, negotiate and deliver an agreed strategy and implementation plan for Information Management which supports the strategic objectives of the organisation, ensuring it is compatible with national and regional initiatives and directives, and legislation including GDPR and the new Data Protection Act 2018.
- To act as Data Protection Officer for the organisation
- Advising Chief Officers on the Data Protection Compliance Strategy and fostering a data protection culture within the organisation, including metrics for Data Protection Impact Assessments and monitoring the performance of such assessments.
- Monitoring compliance with the GDPR and other data protection laws, data protection policies, awareness-raising, training, and audits.
- Support and lead the concept of 'Data Protection by Design’ by ensuring that Privacy Impact Assessments are integrated in the early stages of any project, and then throughout its lifecycle
- Undertake systematic auditing and monitoring of all local and national Information and systems used to ensure compliance with GDPR data protection legislation, national standards, Codes of Practice, and policies and procedures; identifying issues & risks, and reporting to Chief Officers to ensure corrective actions are implemented.
- Risk assess and determine the frequency of system audits through application of the Data Protection Manual, formulating and submitting recommendations to the Security and Information Management Board.
- Direct effective governance of policies and procedures, and specifically development of policy and procedures to support Information Management, consistent with DPA/FOI and MOPI principles and Information Management related projects.
- Achieve compliance with the Data Protection Act obligations, including subject access, courts and other legislative requests, including in relation to withdrawal of consent, the "right to be forgotten", and other rights available to data subjects under data protection legislation.
- Lead all DBS disclosure decisions where this function is delegated.
- Provide briefings, advice and guidance to Chief Officers or Heads of Departments on all matters relating to Information Management and lead on training and awareness strategy for Information Management
- Manage all staff responsible for delivering IM, DPA, FOIA, Data Compliance, FRB and disclosure functions in accordance with employment policies and employment regulations.
- Initiate, sponsor and deliver Information Management change programmes and projects and lead the Information Management contribution to other relevant programmes.
- Oversee an effective process for the identification and internal reporting of data protection and cyber security breaches. Develop strategies for the Management and rectification of any data security incidents. Perform investigations into data protection and cyber security breaches.
- Liaise with the CIO regarding notification of any data breaches to the ICO. Assist where appropriate in the investigation of misconduct and criminal matters where breaches of data protection are a factor, through the provision of advice and assistance with the evaluation of evidence.
Why you will be hired
To be considered for this role you will require:
- Degree or appropriate qualification/experience in Information Management, Business Management with a strong information element, or similar
- GDPR/DP management qualifications
- Expertise in GDPR and other national and European data protection laws and practices, such as the Data Protection Act, Freedom of Information Act, Computer Misuse Act, Copyright, Designs and Patents Act, Human Rights Act, and the HMG Security Policy Framework.
- Experience in a data protection role, preferably within a public sector organisation using large- scale, complex information processing systems.
- Experience of implementing a compliance strategy within an organisation and conducting audits, investigations and risk management to ensure adherence.
- Understanding of information security management, information technologies and data security.
Before an appointment can be confirmed, you will be subject to an MV+ level vetting procedure
Why you should apply
This is a fantastic opportunity for an experienced Information Governance professional to lead and shape the organisations future