Banner Default Image

Head of Information Management

Back to job search

Head of Information Management

  • Location:

    East Sussex

  • Sector:

    Knowledge & information management

  • Job ref:

    DR1 - 26224

  • Job type:

    Permanent

  • Salary:

    Up to £63,852

  • Contact:

    Daniel Rose

  • Contact email:

    daniel.rose@suehill.com

  • Contact phone:

    020 7378 5459

  • Posted:

    30/09/21

  • Duration:

    Permanent

Head of Information Management

Sussex

Up to £63,852

Permanent

Full Time – 37 hours a week

Start – ASAP

 

About the company

 

Sue Hill Recruitment have been instructed by our Public Sector client in Sussex, who is looking to recruit an experienced Head of Information Management (Senior Manager and Information Governance professional),

who can lead the Information Management team, and act as Data Protection Officer whilst also advising Chief Officers on a sustainable future model for resourcing Information Management.

 

The post-holder will work closely with the Head of Corporate Development and other senior stakeholders to understand the future needs of the organisation and ensure that they have the correct structures and resources in place to deliver their obligations under GDPR and to improve the way that the organisation manages Information.

 

This is an exciting opportunity to shape the organisations approach to Information Management and improve the service to the public. They are looking for someone who is pro-active and can hit the ground running.

 

What you’ll be doing

 

JOB PURPOSE

 

To develop and direct the delivery of the Information Management strategy, resources and functions to effectively manage the organisations Information assets, supporting regional collaboration and ensuring that the statutory obligations are effectively and lawfully discharged

 

To perform the role of Data Protection Officer, overseeing and directing all data protection and related Information privacy activities, to ensure the proper handling of personal Information to comply with data protection legislation.

 

This includes:

  • Provide specialist advice, training and instruction to ensure all personnel have an appropriate level of awareness in relation to GDPR data protection legislation.

  • Provide the audit capability of all aspects of data protection governance

  • Raise the profile of data compliance across the organisation, by setting the Data Protection Compliance Strategy and fostering a data protection culture.

  • Oversee the Management of personal Information, including the creation, review and updating of effective policies and procedures across business units and any future transformational activities.

  • Responsible for Information lifecycle Management, which includes data quality, Information security, Data Protection and Freedom of Information Act, Information exchange and disclosure procedures.

.

KEY ACCOUNTABILITIES

 

  • Develop, negotiate and deliver an agreed strategy and implementation plan for Information Management which supports the strategic objectives of the organisation, ensuring it is compatible with national and regional initiatives and directives, and legislation including GDPR and the new Data Protection Act 2018.

  • To act as Data Protection Officer for the organisation including:

Ø    Advising Chief Officers on the Data Protection Compliance Strategy and fostering a data protection

culture within the organisation, including metrics for Data Protection Impact Assessments and monitoring the performance of such assessments.

Ø    Monitoring compliance with the GDPR and other data protection laws, data protection policies,

awareness-raising, training, and audits.

 

  • Support and lead the concept of ‘Data Protection by Design’ by ensuring that Privacy Impact Assessments are integrated in the early stages of any project, and then throughout its lifecycle when:

Ø  Building new IT systems for storing or accessing personal data

Ø  Developing policy or procedures that have privacy implications

Ø  Embarking on a data sharing initiative

Ø  Using data for new purposes

  • Undertake systematic auditing and monitoring of all local and national Information and systems used to ensure compliance with GDPR data protection legislation, national standards, Codes of Practice, and policies and procedures; identifying issues & risks, and reporting to Chief Officers to ensure corrective actions are implemented.

  • Risk assess and determine the frequency of system audits through application of the Data Protection Manual, formulating and submitting recommendations to the Security and Information Management Board.

  • Direct effective governance of policies and procedures, and specifically development of policy and procedures to support Information Management, consistent with DPA/FOI and MOPI principles and Information Management related projects.

  • Achieve compliance with the Data Protection Act obligations, including subject access, courts and other legislative requests, including in relation to withdrawal of consent, the "right to be forgotten", and other rights available to data subjects under data protection legislation.

  • Lead all DBS disclosure decisions where this function is delegated.

  • Development, review and audit of all Information Sharing Agreements.

  • Develop and implement a system of Data Protection Impact Assessment for all high-risk activity relating to personal data.

  • Provide briefings, advice and guidance to Chief Officers or Heads of Departments on all matters relating to Information Management and lead on training and awareness strategy for Information Management

  • Manage all staff responsible for delivering IM, DPA, FOIA, Data Compliance, FRB and disclosure functions in accordance with employment policies and employment regulations.

  • Initiate, sponsor and deliver Information Management change programmes and projects and lead the Information Management contribution to other relevant programmes.

  • Share knowledge and best practice and identify collaborative working opportunities. Develop and maintain effective and cooperative working relationships with other companies and outside agencies in order to ensure best practice across data protection legislation matters.

  • Oversee an effective process for the identification and internal reporting of data protection and cyber security breaches. Develop strategies for the Management and rectification of any data security incidents. Perform investigations into data protection and cyber security breaches.

  • Liaise with the CIO regarding notification of any data breaches to the ICO. Assist where appropriate in the investigation of misconduct and criminal matters where breaches of data protection are a factor, through the provision of advice and assistance with the evaluation of evidence.

  • Liaise with Legal Services regarding changes to data protection legislation, and the implications of these, including any required changes to policies, procedures and working practices.

  • Undertake other duties appropriate to the grade and character of work as may be reasonably required, including specific duties of a similar or lesser graded post.

 

Why you will be hired

To be considered for this role you will require:

  • Degree or appropriate qualification/experience in Information Management, Business Management with a strong information element, or similar

  • GDPR/DP management qualifications

  • Expertise in GDPR and other national and European data protection laws and practices, such as the Data Protection Act, Freedom of Information Act, Computer Misuse Act, Copyright, Designs and Patents Act, Human Rights Act, and the HMG Security Policy Framework.

  • Experience in a data protection role, preferably within a public sector organisation using large- scale, complex information processing systems.

  • Experience of implementing a compliance strategy within an organisation and conducting audits, investigations and risk management to ensure adherence.

  • Understanding of information security management, information technologies and data security.

 

Before an appointment can be confirmed, you will be subject to an MV+ level vetting procedure

Why you should apply

This is a fantastic opportunity for an experienced Information Governance professional to lead and shape the organisations future

If you are interested in learning more: Please get in touch on 020 7378 5469 or Daniel.rose@suehill.com