JOB TITLE: Information Governance Officer

RESPONSIBLE TO: Head of Data, Security, & Information Management

LOCATION: Hybrid – home based with one day per week in our Manchester office (UK travel required)

HOURS 37.5 (negotiable)

SALARY: £44,000

Applicants are required to provide a CV AND a covering letter (no more than two pages) explaining your interest in the role and why you are a good fit. Please email covering letters to

About The Road Safety Trust

The Road Safety Trust is a grant-funding charity committed to making UK roads safer, achieving impact through the funding of practical measures, research, dissemination, and education. Since its formation in 2014, they have awarded a total of £10 million pounds and are now the largest independent grant funder of road safety initiatives in the UK.

About UKROEd

UKROEd Ltd is a private, not-for-profit company responsible for the delivery, management and administration of the National Driver Offender Retraining Scheme (NDORS) on behalf of the Police service. UKROEd is a trading subsidiary of the Road Safety Trust (RST) with surplus funds from the scheme given to the charity to distribute in grants.

UKROEd values and respects each individual employee, client and customer and is committed to promoting equal opportunities throughout its workforce. As such, all suitable applicants will receive consideration for employment without regard to age, disability, gender reassignment, marriage and civil partnership status, race, religion or belief, sex or sexual orientation.

Overview of the role

The Data, Security, & Information Management team are responsible for defining and executing the RST and UKROEd Digital Strategies, developing and implementing systems that ensure all data is collected, processed, and stored securely and efficiently, and in accordance with our responsibilities under UK GDPR and data protection legislation.

As Information Governance Officer, you will haveresponsibility for a range of assurance activities in relation to the information governanceframeworks of both companies (approx. 20% RST, 80% UKROEd), including how we meet the requirements of the General Data ProtectionRegulation(UK GDPR),Data Protection Act 2018,and thePrivacy and Electronic Communications Regulations(PECR).You will be a first line point of contact for individual information rights requests (such as subject access requests), freedom of information requests, and other information governance and data protection-related matters.You will understand the importance of privacy by design and information governance best practice to ensure compliance with statutory and regulatory obligations. You will work with colleagues to conduct Data Protection Impact Assessments on new, and amended, systems and processes. You will take a leading role in supporting the application and maintenance of effective document and record management arrangements.

You will provide guidance and training on best practice and legislative compliance changes.

Principal Duties

• Be the first point of contact in the DSIM Business Area for expert advice on individual information rights requests (such as subject access requests) and freedom of information (FOI) requests, effectively escalating to the Head of DSIM when required.
• Help the Head of DSIM and the Data Protection Officer (DPO) to ensure we meet our statutory obligations and procedural requirements, produce clear responses in plain-English, and continuously improve our processes in this area.
• Support and assist people to clarify and refine their requests for information.
• Work with colleagues across the organisation to secure the necessary information and ensure comprehensive understanding of the scope and scale of any request.
• Maintain and monitor information governance logs, identifying and reporting on trends in information rights and freedom of information requests and circulating key data to the team and the wider organisation as necessary.Note: whilst the administration of information rights requests forms a critical part of the role, this is less than 15% of day-to-day activity.
• Provide data protection and information governance training, working with the Head of DSIM and DPO in developing training and delivery.
• Support the reporting and analysis of data incidents.
• Working with the UKROEd Data Analyst & Head of DSIM, help investigate by collating information to support the organisation to learn and improve practice and governance, analysing statistics and providing advice accordingly on how to reduce risk. Escalate issues as necessary.
• Help with preparing submissions in relation to any matters referred to the Information Commissioner’s Office.
• Challenge practices, processes, and procedures as required, using negotiation and specialist knowledge to achieve continual improvement and compliance.
• Working with the Head of DSIM maintain, and keep up to date, the Records of Processing Activities (RoPA, on One Trust) and Applications Portfolio.
• Work with colleagues to conduct Data Protection Impact Assessments (DPIA) as part of the Digital Board Gateway authorisation processes.
• Assist the team and organisation with internal & external reviews and audits – reviewing information governance documentation of key stakeholders as part of the Annual Provider Review (APR) process.
• With the Head of DSIM, advise colleagues, including up to senior management level, on information governance and records management issues.
• Keep up to date with developments in information governance and data protection legislation, case law and guidance.

INFORMATION GOVERNANCE OFFICER

PERSON SPECIFICATION

Qualifications

• You will either have a recognised data protection qualification or have significant experience in this area and be willing to work towards qualification.

Experience

• Experience of working in a data protection and/or information governance role, including responding to complaints and delivering excellent service.
• Experience of involvement in organisational data governance projects for example the introduction of document/ records management disciplines.
• Experience managing and maintaining a ROPA.Experience of using the One Trust system an advantage, but training will be provided.

Job Related Knowledge

• Excellent knowledge and understanding of the General Data Protection Regulation & data protection and information governance best practice.
• Ability to identify, understand and clearly explain principles of data protection and information governance legislation.

Skills and Aptitudes

• Excellent communication skills including written and verbal skills - able to communicate clearly and effectively with others and influence positive change.
• Excellent IT skills with the ability to adapt quickly to new technology and better ways of working.
• Excellent organisation and time management skills with the ability to work under pressure and meet tight deadlines when required.
• Ability to work positively and consistently across the organisation to support colleagues and maintain high standards whilst managing multiple tasks, maintaining a high degree of accuracy and attention to detail.
• A strong team player, able to develop effective relationships across the organisation with a track record of respectful, open, and honest behaviour including a demonstrable commitment to inclusion and diversity.
• The ability to use your own initiative to foster improvements across the organisation, and to deliver work to an excellent standard.