North West London
DR - 26451
Data Protection Officer
North West London
Hybrid working model – 1 day a week on site (flexibility required)
37.5 hours per week
About the company
Sue Hill Recruitment are delighted to be working exclusively with this innovative and trailblazing client within the Housing Sector. In order to find new and robust approaches to meet the challenges they face across their diverse organisations which deliver a range of services including social housing, development, care and support, and private sector rent and lettings, and to support their progressive and growing organisation, they are now looking to recruit a Data Protection Officer who can work flexibly and innovatively to support the business and play a key role in its future success.
In this role, reporting to the Head of Strategy and Compliance, the successful candidate will be responsible for ensuring they protect their data in the best way possible, providing guidance and assurance on processes and handling data, and championing the value of data in the future success of our organisation. The DPO will be the organisation’s subject matter expert on data protection issues and will share knowledge and increase understanding and compliance across the business.
The Data Protection Officer will work closely and build relationships with colleagues, customers, and stakeholders to shape this area of work.
Our client strongly believes in achieving a good work/life balance. This role is a hybrid one, giving you the opportunity for a balance of working from home and spending time in the main office and other locations across the area as required, including their adult social care schemes.
What you’ll be doing
· The DPO shall have the authority, autonomy, and decision-making powers to manage non-compliance and breaches, including reporting such incidents to the relevant supervisory authorities
· Ensure the organisation is aware of and complies with Data Protection law, best practice, and any case precedents, interpreting law changes into practical policies and procedures
• Act as point of contact with members of the public, supervisory authorities, and internal teams
· Develop effective working relationships with colleagues, working collaboratively and proactively to ensure information is protected and sound working practices are applied
· Provide a responsive, professional, and helpful advisory service to staff at all levels on information compliance issues and queries, and deal with queries confidently and constructively
· Deliver regular communications to employees on data protection to ensure knowledge is embedded throughout the organisation
• Identify and evaluate the company’s data processing activities
· Provide advice, instructions, and support on how to conduct Data Protection Impact Assessments (DPIAs)
· Advise colleagues on the use of data protection clauses in contracts and data sharing agreements
• Monitor data management procedures and compliance within the company
· Participate in meetings with managers and in projects, providing specialist knowledge and expertise to ensure data protection by design at all levels
· Ensure suitable physical and electronic systems are in place across the organisation(s) to record and manage all aspects of data protection and information governance, including maintaining records of processing activities
• Ensure that all queries from data subjects are handled within legal timeframes
· Monitor and support the processes for individuals who are requesting information under the organisations policies and procedures relating to data protection, freedom of information, and environmental information
• Liaise with other organisations that process data
· Develop and maintain data protection policies, procedures, guidance, privacy notices, and other relevant documentation when required
· Provide regular reports on data protection compliance performance to the Senior Management Team, Executive Management Team, and Boards and Committees
· Log and assess reported data breaches in a timely manner, escalating serious breaches as appropriate, and offering consultation on how to deal with privacy breaches, providing appropriate advice and guidance to colleagues
· Undertake proactive work and enforcement measures that promote good data protection working practices and compliance with legal requirements, including performing audits, and determine whether we need to alter our procedures or ways of working to comply with regulations
· Examine arrangements for the sharing of personal data with third parties, including those that process the personal data of employees and customers on their behalf, ensuring that it is lawful and appropriate
· Monitor training on data protection compliance for employees, including annual refreshers and ensuring all new employees are aware of their data protection obligations and have completed training as part of induction
· Provide bespoke training and briefings as necessary to increase awareness and maintain a high standard of records management, reducing the risk of data breaches
· Maintain awareness of and follow up on changes in law and issue recommendations to ensure compliance
· Maintain Information Commissioner’s Office registration details and other legislative requirements
· Identify and analyse risks and opportunities arising from data protection policy and legislative development
· Undertake quantitative and qualitative research, understand the latest guidance, and good practice, and analyse external and internal information to understand performance, help identify learning, and inform data protection and information governance policy and practice development
• Prepare concise, timely, and well-structured briefing papers and reports
Why you will be hired
To be considered for this role you will require:
To excel in this role, you will be able to demonstrate a passion for working with people and information, and for protecting and promoting individuals’ rights. You will be motivated, innovative, proactive, and professional. You will have the necessary strong interpersonal, organisation, and communication skills to be able to balance varied tasks across a diverse workload.
· Degree-level education or equivalent through relevant training / experience (desirable)
• Relevant Data Protection Officer training / certification (desirable)
• Experience in data protection.
· Solid knowledge of national data protection and information management laws including the UK-GDPR, Data Protection Act 2018, and Freedom of Information Act
• Knowledge of Housing Law and regulation (desirable)
• Experience of developing policies and procedures (desirable)
• Experience of building and maintaining relationships with senior managers and stakeholders
• Experience of drafting and presenting reports to executive and senior managers
• Experience of working independently and applying upward influence
· Experience of problem solving and offering a range of practical solutions to organisational issues
• Excellent communication, negotiation, organisational, and influencing skills
• High numerical, verbal, and written skills
• Excellent attention to detail
• Ability to handle confidential information
• Ability to behave in an ethical manner, and to remain impartial
• Ability to explain complex problems to different audiences, including experts and non-experts
• Good ICT and Microsoft Office skills.
Some of the benefits you can expect when you join include a strong flexible working culture, 23 days' annual leave entitlement increasing to 24 days after two years’ service and 25 days after three years’ service, an additional 5% of your salary to allocate flexibly to the benefits of your choice (including pension scheme, dental insurance, medical cash plan, dining cards, and Flex Bank with access to discounted vouchers from a range of high street shops, gift cards, and experiences), access to CSSC Sports and Leisure membership, and an Employee Assistance Programme.