Information Governance Officer

This vacancy is open to employees of Isle of Wight NHS Trust and Portsmouth Hospitals University NHS Trust only.

Band 5:£31,049- £37,796 per annum

Full time hours:37.5 per week

Location:St Marys, Isle of Wight, PO30 5TG and Mitchell Way, Portsmouth PO3 5PE

Contract type:Permanent

Are you passionate about data protection, information governance, and making a real impact in healthcare? Were looking for a detail-oriented Information Governance Officer to join our proactive Governance and Risk team, supporting both Portsmouth Hospitals University NHS Trust and Isle of Wight NHS Trust.

You'll be at the heart of managing Subject Access Requests (SARs), Freedom of Information (FOI) requests, and supporting the delivery of the Data Security and Protection Toolkit. You'll also contribute to incident investigations, policy development, and staff training. You'll work closely with colleagues across departments, providing expert advice and guidance on legislation such as the UK GDPR, Data Protection Act 2018, and Freedom of Information Act 2000.

This is a multi-site role, offering variety and the opportunity to work across two leading NHS organisations. Travel between sites may be required and will be arranged locally.

If you're ready to take the next step in your IG career and contribute to the safe and effective management of information across two NHS Trusts, apply today and join us in shaping a safer, more compliant future for our Trusts.

Key responsibilities:

• Lead and manage IG administrators and clerical staff.
• Oversee SARs and FOI requests across both Trusts.
• Provide expert advice on GDPR, FOIA, DPA 2018, and other Information Governance legislation.
• Support incident management and policy compliance.
• Maintain accurate records and performance data.
• Deliver training and guidance on IG best practices.

Why Join Us?

• Make a meaningful difference in how patient and staff data is protected.
• Enjoy opportunities for professional development and training.
• Work in a role that values innovation, integrity, and collaboration

Our vision for Single Corporate Services

Isle of Wight NHS Trust (IWT) and Portsmouth Hospitals University NHS Trust (PHU) have a shared vision of a single corporate service across our two organisations, supported by a single set of identical systems and processes, under joint leadership, to drive significant efficiencies, improve employee experience, and return time to patient care.

This vacancy is part of the Single Corporate Services Division.

Why are we changing the way we deliver Corporate Services?

Working as a partnership, both IWT and PHU have a shared vision for excellence in care for our patients and communities; with a set of strategic aims underpinning how we will achieve this. The creation of a single corporate service is essential for us to support our clinical and operational services, and our wider transformation programme.

The single corporate service is delivered across both organisation. You may be based at either IWT or PHU and individuals may be required to undertake business travel between sites. For leaders managing staff across multi-site locations, you will need to be visible and provide in person leadership. The arrangements and frequency will be agreed locally.

Job purpose

To ensure both Trusts meet their legal and regulatory obligations associated with information governance and data protection management and to ensure that there are robust arrangements in place to continue to be well led organisations. This includes assurance and escalation as necessary.

Job summary

• To ensure that all data protection and freedom of information request for information are processed, in line with legal timeframes and as per the Groups policies, and procedures.
• To assist on the requirements of the Data Protection and Security Toolkit for the organisation ensuring all assertions are completed for submission.
• To be an integral part of the Information Governance Team ensuring high standards of Information Governance are implemented and maintained across the Group.

Specific Core Functions

• Provide direct leadership and line management of the IG administrators, and wider clerical team.
• To support the delivery of all functions associated with information governance (IG) and data protection, relating to UK General Data Protection Regulations (GDPR), Data Protection Act 2018 (DPA 2018) Access to Health Records Act 1990 (AHRA), Freedom of Information Act 2000 (FOIA) Environmental Information Regulations (EIR) and all associated Information Governance work streams including the annual Data Security Protection Toolkit.
• Communicate verbally and in writing with staff at all levels to a high standard, both internal and external to promote best practice and partnership working in the areas of Information Governance.
• Respond to internal and external enquiries, e.g. patients, their representatives and members of the public, external agencies according to departmental procedures, escalating to the most appropriate available person as required.
• Provide assistance throughout the organisation and wider healthcare community for all associated Information Governance processes as necessary including all responsibilities linked to the Data Security and Protection Toolkit requirements.
• Provide specialist expertise to Trust colleagues regarding information governance related incidents, providing reports, recommendations and feedback as required.

For additional information please see attached Job description.

• Degree level (or equivalent).
• Accredited Courses associated with Information Governance, Freedom of Information Act, Subject Access

• Evidence of significant experience in system administration.
• Advanced skills for keyboard use for producing reports, spreadsheets and correspondence.
• Excellent verbal, telephone and written communication skills. Ability to use own initiative and deal with competing priorities.
• Works autonomously but can seek advice when necessary/manages a discrete area of work.
• Expertise within specialism, underpinned by practical experience.
• Management of team and line management responsibilities.

• Detailed knowledge of UK GDPR the Data Protection Act and Freedom of Information Act.
• Significant experience of information handling and analysis gained in a work environment.
• Have a good understanding of the requirements of the Caldicott recommendations for handling data with the NHS