Banner Default Image

Information Governance & Data Protection Officer

Information Governance & Data Protection Officer

Information Governance & Data Protection Officer


£34,609 - £38,009


Edinburgh, Scotland


TFPL Recruitment are pleased to be working in partnership with Children’s Hearing Scotland in their recruitment for an Information Governance & Data Protection Officer.

Children’s Hearings Scotland (CHS) is undergoing an exciting period of reform designed to make a step change in improving the outcomes for infants, children and young people who need us most. We are looking for a highly skilled and proactive Data Protection Officer and Information Governance Practitioner to join our Team and help us to refine and continuously improve our processes and procedures.

They are committed to #KeepThePromise to Scotland’s infants, children, and young people, and you would be joining them during an exciting period of change as they redesign the children’s hearings system with their partners and people with lived experience over the next five years.

As Information Governance & Data Protection Officer, you will take an operational lead in advising and assisting CHS colleagues and community members in achieving best practice in information governance and data protection, as well as supporting the organisation in meeting its statutory IG obligations, particularly those outlined in the GDPR, DPA, FOISA, and PRSA by acting as Data Protection Officer. You will enhance their existing processes and polices ensuring compliance and best practice is applied across the organisation.You will have the opportunity to shape the way we approach records management and apply data protection principles across all their projects and process improvement initiatives.

If you think that you can help to shape and improve CHS practices and build on CHS strong governance culture, then this might be just the role for you.

Key Responsibilities

·       Lead on Data Protection issues on behalf of CHS. This includes regular reporting and presentation to the Board, working with the SIRO on requests, and acting as the main point of contact for Data Protection to regulators, staff and the CHS Community.

·       Oversee and ensure ongoing compliance with information governance, records, and data protection legislation, providing on-going evidence of compliance with the statutory requirements as set out in the PRSA and CHS’ Records Management Plan.

·       Lead on and support CHS staff and Community to carry out Data Protection Impact Assessments, offering advice and proactive solutions to queries.

·       Play a key role in the corporate governance of CHS by ensuring that all projects, including digital development, have data protection by design and default built in.

·       Manage information security incident resolution including recording, investigating, and reporting of information security incidents and identifying vulnerabilities in our systems and practices.

·       Draft responses to requests for information and leading on responding to requests submitted under Freedom of Information (Scotland) Act, 2002 and Environmental Information (Scotland) Regulations 2004.

·       Managing requests submitted under Data Protection legislation, such as Subject Access Requests.

·       Manage statutory reporting to regulators, principally the Information Commissioner’s Office and the Scottish Information Commissioner.

·       Work with colleagues to ensure a risk-based approach to the application of data protection principles across all areas of the business and lead on auditing CHS’s compliance with IG policies and practice.



·       Auto-enrolment into the Pension Scheme with generous employer contribution (25% in 23-24).

·       Enhanced sickness absence benefit, dependent on length of service up to a maximum of 26 weeks full pay and 26 weeks half pay.

·       Full list of benefits available on request


Please note that You may be required to travel across Scotland and work on occasion outside CHS’ normal working hours to meet the requirements of the job.

Please apply with your CV for this and other Information Governance & Data Protection Officer roles to