Public Sector | 26-11-2024
Senior Information Manager
- Southampton
- Competitive rates
Location: Southampton (Hybrid) 3 days per week in the office.
The role will sit under the requestor, the Head of Data Protection, to act as a deputy and support with their statutory tasks, ensuring that provision of expert data protection advice to the organisation is delivered in a timely and compliant manner.
The role involves providing expert data protection advice and guidance to the agency, staff and third parties.
The key day to day tasks for this role are:
- Provide expert data protection advice to the business in relation to the data protection functions.
- Manage the Data Protection Impact Assessment (DPIA) process, ensuring the agency undertakes DPIAs when required. Advise on and assess risks identified in Data Protection Impact Assessments, working with stakeholders to mitigate risks.
- Maintain the record of processing activities (ROPA) log.
- Assist the Head of Data Protection in responding to formal complaints received from data subjects.
- Provide advice to business areas responding to Individual Rights requests (including Subject Access Requests) from individuals, including advising on correct process, redaction and exemptions.
- Manage the data breach reporting process, assessing risk and advising on appropriate actions, mitigations and reporting obligations where personal data breaches have occurred.
- Manage the Data Protection risk register identifying data protection compliance risks alongside other business risks.
- Review and maintain Privacy Notices, ensuring data subjects are accurately informed about processing and the rights available to them. Ensuring relevant and accessible Privacy Notices are in place where required.
- Raise awareness of Data Protection legislation and disseminate updates. Support the delivery of the annual training plan, creating and delivering structured training as well as informal guidance to all staff on Data Protection issues.
- Support the production of statistics/KPIs where required to track team activity and/or support wider business reporting requirements, escalating where necessary.
- Provide expert advice and assistance on the development of legal agreements relating to the processing of personal information to ensure data protection compliance, including data sharing agreements, data processing agreements, data transfer agreements, data disclosure agreements and other internal or third party agreements.