Job Overview
The Head of Information Governance will provide the Trust with leadership in Information Governance (IG) and the wider Information Assurance framework, serving as the prime source of expert advice on all IG matters. The role leads policy development, raises awareness of IG importance, and provides assurance to the Trust Board of statutory and legal compliance.
Main Duties
- Confidentiality
- Data Protection
- Information Assurance
- Caldicott
- IT Governance
- Information Sharing
- Access control mechanisms (Registration Authority)
- Freedom of Information
Key Responsibilities
- Provide strategic and operational leadership for all aspects of Information Governance in the implementation of the Trust's new Electronic Patient Record (EPR) system, ensuring full compliance with statutory, regulatory and NHS information governance requirements while enabling safe, lawful and effective use of patient data.
- Lead the Trust's Information Governance team to ensure that the Trust's Information Governance Agenda evolves to support changes in care pathways and delivery of the NHS 10 year plan.
- Ensure that the Trust's systems and information collection processes are aligned to the Data Security and Protection Toolkit (CAF), ISO 27001/2 and are compliant with the Data Protection Act 2018 as well as other regulatory frameworks in the aspects of confidentiality and data protection.
- Lead on the provision of expert advice to the Trust on Data Protection and Information Assurance.
- Co‑ordinate the agenda setting and draft papers for the Trust's Information Governance and Security Steering Group (IGSSG).
- Attend local, regional and national information governance meetings on behalf of the Trust and report back any relevant developments and issues to the wider team.
- Lead on ensuring that the Trust complies with all DSPT/CAF standards and that resulting action plans are robustly articulated, monitored, appropriately escalated and prioritised.
Person Specification
Qualifications and Training
- Essential: Master’s or equivalent; IT security qualification; Prince2 or equivalent project management experience.
- Desirable: CISSP; ITIL Foundation.
Experience
- Essential: Substantial experience in Information Governance or related field at a senior level; practical implementation of GDPR/DPA and Information Governance Assurance; experience of implementing organisation‑wide information governance strategies, policies and procedures; experience of cross‑team and cross‑discipline working; experience of completion and submission of the Data Security and Protection Toolkit/CAF.
- Desirable: Registration Authority experience.
Knowledge and Skills
- Essential: Detailed specialist knowledge of ISO 27001/2, Freedom of Information Act 2000, Data Protection Act 2018 and Information Governance; ability to lead a team; ability to communicate effectively at all levels in a complex, multi‑disciplinary environment both orally and in writing; self‑motivated and able to motivate others; understanding and knowledge of confidentiality guidance; understanding of the role of the Caldicott Guardian in the NHS; proven ability to work with a high degree of autonomy and decision making; ability to prioritise between competing demands and allocate resources accordingly; sound political judgement and astuteness in understanding and working with complex policy, diverse interest groups, and common sense in knowing when to brief "up the line".
- Desirable: Understanding and knowledge of records management guidance (e.g., "For the Record"); understanding of the Human Rights Act; understanding of Health Informatics; understanding of Public Records Act 1958/67; understanding of Environmental Information Regulations 2004; possession of advanced keyboard skills and proficiency with Microsoft Word, Excel, Outlook, and complex project planning and management tools such as MS Project and Visio.
Diversity and Inclusion
We encourage all suitable candidates to apply, including if you are Black, Asian or other ethnic minorities, live with a disability (visible or not) or are LGBT+. We have a number of active staff networks including Disability, LGBT+, Multicultural Inclusion, and Women's staff networks.
Application Details
Information provided during recruitment and pre‑employment checks must be accurate. Misrepresentation may be investigated as fraud and could lead to withdrawal from the process, professional sanctions, or criminal action.
That sponsorship under the Skilled Worker route is subject to Trust allocation and UK Visas and Immigration (UKVI) approval.
We reserve the right to close the post before the stated closing date; please apply early. We do not contact applicants with the outcome of the shortlisting. If you have been shortlisted, you will receive an invitation to an assessment day or interview.
