Data Protection Officer
£38 - £42K DOE plus excellent benefits package
A leading further education sector organisation are looking for an experienced Data Protection Officer to join the team.
Purpose and Objectives of the role:
To devise, implement, maintain and operate the colleges strategic approach to data protection across its sphere of academic and business operations and to ensure compliance with respective data protection law(s) and regulation(s).
In particular, ensuring that the College reviews, develops, implements and evidences a compliance programme which meets the requirements of the UK European General Data Protection Regulation and EU GDPR as appropriate, including associated information security assurance.
- Review, develop, implement and evidence a compliance programme which meets the requirements of the General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) and any other relevant data protection legislation to support policy implementation.
- Develop and maintain an organisation structure which fulfils the college obligations to meet the regulatory and operational requirements of the General Data Protection Regulation, Freedom of Information Act 2000 and any other regulatory domains that may be required.
- Provide expert, accurate advice and guidance to academic and professional leadership within the college.
- Carry out data protection audits and escalate recommendations to evidence compliance with relevant legislation and colleges policies and procedures. Assess potential related incidents and promptly engage with stakeholders for Freedom of Information, GDPR and Data Protection legislation.
- Carry out Privacy Impact Assessments where appropriate on systems processing personal data from time to time and ensure that all new systems implement privacy by design and have relevant and up to date Privacy Notices.
- To promote best practice on Information Sharing and Data Processing and to provide advice and assistance in respect of both.
- Perform the responsibility and function of Data Protection Officer & Freedom of Information Officer for the college.
- Monitor, annually review and amend the colleges Information Commissioners Office registrations and notification(s), or equivalent, and monitor and assist with notifications outside the UK.
- Handle complaints and queries in relation to information rights.
- Investigate and report on Information Governance incidents when requested, including establishing causes and determining appropriate corrective and/or preventive action.
- Work with the information governance committees (or equivalent) to ensure that data protection compliance is embedded into all new systems, policies and procedures.
- Prepare and deliver board level presentations encompassing progress, issues and status to senior leadership and other key groups as and when required.
- To assist in the maintenance of records for networks, hardware, software and consumables over the sites.
- Maintain safe working practices in accordance with College Health and Safety Policies and Procedures.
- Observe and monitor compliance with the Data Protection Act 2018, the Computer Misuse Act 1990, and the College security policy.
- To assist all staff in dealing with technical issues on computers across the College.
- Maintain confidentiality
- Ensure compliance with UK GDPR Data Protection Act 2018.
- Ensure compliance with Computer Misuse Act 1990.
- Experience of advising on data protection issues in a large or complex organisation
- Awareness of data protection obligations in other jurisdictions; experience of implementing and providing advice in relation to standard contractual clauses and data Sharing Agreements
- Experience of providing advice and assistance on dealing with Subject Access Requests and Requests for Disclosure
- Understanding of systems and processes involved in gathering, storing, transferring and collecting data in a national and international context and identifying any associated risks.
- Practical experience of incident management, associated processes and stakeholder engagement.
- Expert communication skills to enable engagement with College leadership at all levels
- Knowledge of the UK General Data Protection Regulation and the
- Data Protection Act 2018 and related legislation, guidance and best practice
- Knowledge of best practice in relation to Information Sharing and Data Processing Agreements
- Knowledge of ICO guidance and decisions
- Knowledge of relevant Information Rights legislation such as the Freedom of Information Act, EIR and Local Government Transparency Code
- In-depth understanding of current UK data protection requirements and strong current awareness of the changes to be implemented by the UK General Data Protection Regulation (and EU equivalent).
- Ability to research and quickly digest new and emerging data protection, cyber security and information security requirements / rules and provide practical advice on their implications
Morgan Hunt is a multi-award-winning recruitment business for interim, contract and temporary recruitment and acts as an Employment Agency in relation to permanent vacancies. Morgan Hunt is an equal opportunities employer. Job suitability is assessed on merit in accordance with the individual's skills, qualifications and abilities to perform the relevant duties required in a particular role.