Banner Default Image

Information Governance and Data Protection Officer

Back to job search

Information Governance and Data Protection Officer

  • Location:


  • Sector:

    Knowledge & Information Management

  • Job ref:

    DR - 26381

  • Job type:


  • Salary:

    £250 - £300

  • Contact:

    Daniel Rose

  • Contact email:

  • Contact phone:


  • Posted:


  • Duration:

    6 months

  • Startdate:


Information Governance and Data Protection Officer

6 Month Contract


£250 - £300 Per Day

Full Time Hours – 36 per week

Work From Home – Occasional Need to visit site

ASAP Start



About the company


Sue Hill Recruitment are delighted to be working with this London based social housing provider, who is looking to recruit an Information Governance and Data Protection Officer on a 6-month contract, paying a day rate of between £250-£350.


You will be supporting the client in complying with all its data protection obligations, including delivering the compliance programme for GDPR. As Data Protection Officer and Subject Matter Expert, you will also lead on all strategic and day-to-day data protection and privacy obligations.


What you’ll be doing

·         The first point of contact for enquiries from colleagues on Data Protection, Freedom of Information and Data Subject Access Requests, providing them with appropriate advice, guidance and support.

         The main contact for data subjects, ensuring that Freedom of Information and Data Subject Access Requests are answered within statutory timescales and complaints/appeals are effectively recorded and responded to.

         Maintaining and continuously improving the Information Governance Framework e.g. up to date policies and standards being worked to, achieving and maintaining compliance with both current and future legislation.

         Providing support and guidance to the Information Risk and Information Asset Owners in carrying out their responsibilities through proactive engagement, as well as the provision of good quality and up to date documentation to assist them.

         Attending meetings and being part of projects as required to provide specialist knowledge and expertise to ensure data protection by design at all levels e.g. security and privacy requirements for new ICT systems.

         Providing regular management reports to the Executive Leadership Team, Board and Committees as required i.e. data breaches, delivery of the GDPR action plan.

         Providing advice and support to colleagues on how to carry out Data Protection impact Assessments (DPIAs) and when these are required.

         Liaison with organisations processing data to provide assurance that proper processes and safeguards are in place.

         Designing and delivering a responsive programme of education and training on all areas of data protection and information governance, supported by regular communications to colleagues to ensure knowledge is embedded throughout the organisation.

         The primary contact for the Information Commissioners Office, with responsibility for co[1]ordinating responses to any queries or notices served.

         Leading a data incident response and data breach notification procedure, ensuring all information security incidents/breaches are logged, investigated and managed appropriately, making sure that proper records are kept and reported to ELT, the Audit, Risk & Assurance Committee.

         Maintaining, reviewing and regularly updating the Security Operating Procedures document and any other relevant security documentation in the light of changing legislation and best practice.

         As Data Protection Officer, regularly liaising with the ICT team to ensure its activities are identified, planned and completed in compliance with data protection legislation, including GDPR.

         Identifying and understanding risks and opportunities arising from data protection and legislative developments, reporting on the challenges for the business and making recommendations to address gaps and/or areas of non-compliance.




Why you will be hired

To be considered for this role you will require:

         Ideally a minimum of 5 years combined experience of working in an information governance/management role with data protection legislation and GDPR responsibilities

         Experience of working in a customer-facing role

         Ability to give/receive feedback in a constructive manner.

         Organised and methodical approach to workload and meticulous record keeping

         A self-starter with the ability to meet deadlines and deliver projects on time

         Confidently able to provide advice to officers at all levels

         Able to maintain a high level of confidentiality and discretion, and deal with information requests with tact and understanding

         Excellent written communication skills, including letter writing

         Proficient in MS packages e.g. Word, Excel, Outlook and Teams

         Experience of iCasework case management platform beneficial

         Current member of relevant professional bodies beneficial