Post on 06-Sep-2018


The Renal Association UK Renal Registry

Job Description

Job title: Information Governance and Data Protection Officer

Accountable to: Chief Executive

Department: Operations

Reports to: Head of Operations / SIRO

Job Type: Permanent

General Information

The UK Renal Registry (UKRR) has been set up by the UK Renal Association (RA), an independent body of specialist renal doctors. The UKRR provides a similar function to other national renal registries in the US, Canada, Australia, Austria, Finland and Malaysia. The UKRR provides a comparative audit service to renal units throughout the UK. It also has close links with NHS England and commissioners providing the national statistics for service planning and evaluation. The UKRR is funded by a direct charge to the participating renal centres and through specific grants for research and quality improvement projects.

The UKRR collects data on patients with kidney disease. Its primary objective is to help drive the improvement and reduce unwarranted variation in the care of patients with kidney disease in the UK by the provision of comparative audits for the use of providers and commissioners, including audits of incidence and prevalence of Renal Replacement Therapy, centre-specific survival analysis and comparative analysis of quarterly laboratory data. Governance of the UKRR is provided by the Renal Information Governance Board (RIGB). This Board comprises The Trustees of the RA, chaired by the Past-President, and is attended by the accountable officers of the UKRR, Rare Diseases Committee, and the Patient View Committee.

Job Purpose

Working closely with the Caldicott Guardian and SIRO, support the establishment of a proactive and integrated approach to information governance (IG), the Data Protection Act 2018 and the General Data Protection Regulation (GDPR) to ensure that good practice is embedded across the organisation. Reporting to the Head of Operations, actively manage key areas of IG including Data Protection Impact Assessments and requests relating to data subjects' rights.

The aims of the post are to:

Ensure the Renal Association (RA) meets agreed statutory, legal and governance standards

Enable the RA to maintain its business by ensuring all information governance requirements are met, including (but not exclusively) maintenance of Section 251 approval, and achievement of ISO 27001, the new legal framework in the EU: GDPR

Ensure all accreditations are achieved and maintained

Make recommendations to the senior management team (SMT) based on statistical data, business knowledge and other findings

Independently investigate all IG breaches

Information Governance and Data Protection Officer job description_draft

Page 1

Main Duties

Support the overall completion of the Data Security & Protection Toolkit by being responsible for information assurance and liaising with key individuals to ensure that progress is monitored throughout the year and that the annual submission is completed on time.

Advise the SMT and work with the SIRO and Caldicott Guardian to support the RA in maintaining all its accreditations including section 251, the DSP toolkit, the Information Standard.

Provide advice and guidance to all staff in relation to their obligations under the GDPR and relevant UK legislation, including statutory and regulatory compliance.

Monitor compliance with the GDPR, relevant supporting UK legislation and relevant policies in relation to the protection of personal data.

Report on the status of compliance with the GDPR to the SMT, including briefing on specific matters for their review.

Organise and lead regular IG forums, ensure actions are followed up and any issues escalated to the CEO.

Conduct and manage internal and external audit requirements for any and all Data Protection related audits and compliance reviews, and report results and recommendations to the SMT.

Manage and run Information Security Management System (ISMS) infrastructure.

Coordinate the identification, assessment, reporting and management of risk in relation to all aspects of IG within the RA, including regular review of the Information Asset Risk Register and reporting to the SIRO.

Ensure that the RA has documented processes and policies for governance in place to cover all of its work and statutory requirements.

Liaise with HR to oversee and assist in the roll out and monitoring of awareness and ongoing IG training for all staff, including contractors and honorary staff, both online and face to face where required.

Identify and implement new national (and international) standards that will further the reputation of the UKRR, including ISO 27001.

Provide advice on and review of data protection impact assessments where required, and monitor their ongoing implementation and review. This includes acting as the formal sign-off for any assessments meeting the criteria.

Investigate any potential adverse incidents, ensuring that any incidents that require notification to the Data Subject and/or Supervisory Authority are completed within the 72-hour timeframe.

Advise on any Information Sharing Protocols

Co-operate with the supervisory authority (currently the Information Commissioner's Office)

Act as the contact point for the supervisory authority on issues relating to processing of personal data and compliance with the GDPR and working with the SIRO and Caldicott Guardian to resolve these

Act as the contact point for data subjects on issues and queries relating to processing of personal data and compliance with the GDPR and working with the SIRO and Caldicott Guardian to resolve these

Develop and maintain skills and expertise to keep up with current requirements of the Regulation and supporting legislation.

Build strong relationships with other partner data protection officers to encourage the sharing of knowledge, best practice and reliable information sharing arrangements


Statutory and legal (Audit and Governance)

Work with HR Officer to ensure the standard operating procedures (SOPs) are in place to avoid a breach of employment law.

Work with HR Officer to ensure the RA complies with Health and Safety legislation.

Work with the Finance and Office Manager to ensure SOPs are in place to enable the RA to conform to Charity Commission rules, regulations and recommendations.

Work with the Finance and Office Manager to ensure statutory insurance is in place and renewed as required.

Ad hoc

To undertake any other occasional ad hoc duties as required by the CEO of the RA or the SMT.

Key standards (not limited to)

Section 251

Data Security & Protection Toolkit

ISO 27001

Data Protection Act 2018

General Data Protection Regulation

Information standards

Line management: None

Skills Specification

Qualifications (E = Essential, D = Desirable)

First degree or equivalent knowledge and experience: E

Experience/skills

Broad and in-depth Information Governance knowledge and experience: E

Strong knowledge of Data Protection legislation, specifically the General Data Protection Regulation and any supporting legislation: E

Practical knowledge of Data Protection compliance including best practice: E

Experience working with Data Protection in the public sector, or experience working with complex legal matters and being able to decipher them simply for other audiences: E

Understanding of Information Risk Management including horizon scanning for emerging risks, reporting and analysis and root cause analysis: E

MS Office skills, particularly Word, Excel, Outlook and PowerPoint: E

Team worker, including diplomacy and proven success working with different types of people: E

Effective communication skills, using a variety of methods with a variety of audiences: E

Planning and organisation: E


Time management: E

Negotiating/influencing skills: E

Problem solving/initiative: E

Presentation skills: E

Innovative: E

Procedure writing: E

Training (preparation and delivery): D

NHS or other healthcare working experience: D

Ability to effectively and sensitively manage change: D

Workshop facilitation: D

Contract management: D

Meeting management: D

Knowledge

Data protection law: E

Renal clinical: D

Renal terminology: D

Employment law: D

Health and safety: D

Other Relevant Information

Travel requirements: Some UK and European travel may be required, together with overnight stays.

Equality & Diversity Aims

As a member of staff you have a personal responsibility to ensure you do not discriminate, harass or bully or contribute to the discrimination, harassment or bullying of any colleague(s) or visitors, or condone discrimination, harassment or bullying by others.

Risk Management

Staff at all levels have a responsibility for ensuring that risks are managed. As an employee, you will be expected to maintain a high level of awareness and assist in the process of reporting incidents, assessing risks and reporting unsafe occurrences, and to co-operate with any investigations undertaken.

Health and Safety

Under the Health and Safety at Work Act 1974, as an employee, you must take reasonable care for the health and safety of yourself and for other persons who may be affected by your acts or omissions at work. The Act also states that you must not intentionally or recklessly interfere with or misuse anything provided in the interests of health, safety and welfare. As an employee you are required to report all accidents to the UKRR HR Officer.

Information Security and Confidentiality

During the course of your employment you may have access to, see or hear information of a confidential nature, and you are required not to disclose such information, particularly relating to patients or staff. All person-identifiable information must be held in the strictest confidence and should be disclosed only to authorised people in accordance with NHS Confidentiality Guidelines [Caldicott] and the Data Protection Act 1998, unless explicit written consent has been given by the person identified, or where information sharing protocols allow it.

General Information


This job description is not intended to be an exhaustive list of duties, but it aims to highlight the typical main responsibilities of the post. It may be reviewed from time to time in agreement with the post holder.

Approved by: Date:

Accepted by: Date:
