Head of Information Governance and Cyber Security

The successful applicant will drive the strategic development and transformation of the information governance and cyber security agenda and will be responsible for developing and implementing a fit for purpose information governance and cyber assurance framework that takes account of best practice from national policy, the Data Security and Protection Toolkit (DSPT), Cyber Assurance Framework and internal recommendations to complex information governance and cyber security challenges.
The post holder will create and implement the Trust's Information Governance and Cyber Security Strategy with responsibility and accountability for the development, implementation and delivery of the Trust's annual Information Governance and Cyber Security work programme, incorporating information quality assurance, records management, data protection, information/cyber security and Freedom of Information and develop good information governance and cyber security practices across the organisation.
The post holder will also be delegated from the Chief Digital Information Officer (CDIO) to act in the statutory role of the Data Protection Officer (DPO) as defined under the EU General Data Protection Regulation (GDPR) 2016 with the objective of overseeing the requirements set out in EU General Data Protection Regulation., + To create and implement the Trust's Information Governance and Cyber Security Strategy with responsibility and accountability for the development, implementation and delivery of the Trust's annual Information Governance and Cyber Security work programme, incorporating information quality assurance, records management, data protection, information/cyber security and Freedom of Information and develop good information governance and cyber security practices across the organisation.
+ Provide specialist knowledge and support to the SIRO, Caldicott Guardian, Information Asset Owners, Department Heads, and Directors relating to the application of Information Governance and Cyber Security principles and processes relating to the security, integrity and confidentiality of patient and staff information.
+ Act as the subject matter expert in data protection law and advise the Trust Management Board, the Board of Directors, Chairman, Caldicott Guardian, SIRO and the Executive Directors on data protection issues as and when necessary.
+ Supporting the SIRO and Caldicott Guardian, and their deputies, to enable informed decision making in relation to all areas of Data Security and Protection Toolkit, Cyber Assurance Framework, Freedom of Information and Data Protection Act (DPA).
+ Act as the contact point for the Information Commissioner's Office (ICO). This should include collating information which may be required by the ICO in the course of any investigation or enforcement action.
+ Responsible for leading the development and implementation of mechanisms to monitor compliance against national IG & cyber standards and the requirements of UK Data Protection laws and other external performance assessments. Also to develop and design effective monitoring of KPIs and metrics.
+ Responsible for receiving, interpreting and communicating highly complex information regarding developments in national IG and cyber legislation, policy and best practice and ensuring this is embedded within the Trust.
+ Convey highly complex and contentious IG/cyber related information, which may often be perceived to be a barrier to operational practice, to a wide range of audiences who may have limited knowledge of the subject matter.
+ Act as an ambassador for Digital Health, Cyber and Information Governance service by developing and maintaining excellent working relationships with users across the organisation to deliver a high quality service and to achieve local requirements and national targets.
+ Represent the Trust at organisational and national information governance & cyber groups to determine, influence and implement national and local policies, protocols and procedures.
Please refer to the Job Description for the full specification of responsibilities and requirements for this post.
The Job Description, which includes a Person Specification, provides a full outline of responsibilities and requirements for this role. Please use your supporting statement to demonstrate how you meet the person specification., Visa and Immigration
If you are wishing to apply for this role and would require sponsorship (this includes if you are already in a sponsored post and looking to change employer), you can determine the likelihood of obtaining a Certificate of Sponsorship for this post by assessing your circumstances against criteria specified on the gov.uk website https://www.gov.uk/skilled-worker-visa/your-job.
Travelling to work
Staff parking is available onsite; however, this is limited during core working hours. We have more capacity in the evening and at weekends and can usually provide spaces during those hours.
We look to allocate these spaces fairly. Our Travel Office have a set of criteria that staff must meet in order to qualify. If you qualify for a space, you may be placed on a waiting list if we are at full capacity.
The NNUH is served by a number of public buses, and we offer generously discounted monthly passes with First Bus & Konect.
The Costessey Park and Ride runs regularly each day from 06:30 (from P&R) to 20:45 (from NNUH) and this service is free for NHS staff. There is a regular Thickthorn P&R service as well which is free. Applications to the Travel Office are required for this service. We also have a discounted service from the airport P&R if you purchase a bundle. Please see Konect website for further details.
The NNUH host multiple bicycle racks and a salary sacrifice scheme. We also benefit from a Beryl station onsite.
If you work at another Trust site, please discuss travel and parking arrangements at interview.
DBS
If this post involves working with children or adults the application form will ask for information regarding previous convictions as you will be required to undertake a Criminal Record and Barring Check known as a DBS check.
If you are a new employee or registering with the Staff Bank you will need to meet the cost of this unless your salary is less than point 9 of Afc
NHS Service
Should you be appointed to the post we will need to establish any previous NHS service via the ESR IAT and we will accept the submission of your application as your agreement to this.
UK Registration
You will need to have current UK professional registration where this is a requirement of the role.
Application
Following candidate feedback and to reduce our dependency on paper, all our communication with you regarding your application will be by email so could you please check your e-mails (and Spam) regularly.
We value equality in our team and recruit from all sections of the community. We recognise there is a wealth of talent among people who have a disability and if you meet the minimum criteria detailed in the person specification and have a disability, you may wish to be considered under the Guaranteed Interview Scheme by indicating this in the relevant section on your application.
We look forward to receiving your application and if you do not hear within the next four weeks this will usually mean that you have not been short-listed. However, if you wish to confirm this please contact the person indicated on the advert.
Flexibility
Whilst every effort will be made to recruit to the post as it is advertised, there may be occasions where we consider alternative working patterns, such as part time working, or contract types, such as secondments, depending on circumstances. Should you wish to work in a different working pattern to that stated in our advertisement, please indicate this in the supporting statement to your application.

Now is a really exciting time to join the Norfolk & Norwich University Hospital, as we and the other two acute hospitals in Norfolk and Waveney we are working on our biggest digital programme to date: introducing an Electronic Patient Record (EPR) system. This programme is a key enabler of our transformation strategies for Acute Clinical Services across all sites. This is not simply a digital programme; this is one of the biggest pieces of clinical and operational transformation in the Norfolk and Waveney, set across 3 acute trusts. You will play a part in bringing the EPR to life and beyond, as we learn together about how to use it to its full advantage over the years to come.

NHS AfC: Band 8b
At NNUH it is our privilege to provide healthcare to over one million people across Norfolk and surrounding areas. Our vision is to 'provide the best care for every patient', and if this inspires you and you share our values, we really want you to join our team.
NNUH is currently the busiest Trauma Unit in the East of England caring for almost 850 trauma patients annually many with complex care needs. We are enhancing our urgent and emergency care specialist services for patients with significant injuries as a result of trauma and have an ambition to become a Major Trauma Centre.
Our values support our vision and guide the behaviour of everything we do, these are:
People-focused
We look after the needs of our patients, carers and colleagues, to provide a safe and caring experience for all.
Respect
We act with care, compassion and kindness and value others' diverse needs.
Integrity
We take an honest, open and ethical approach to everything we do.
Dedication
We work as one team and support each other to maintain the highest professional standards.
Excellence
We continuously learn and improve to achieve the best outcomes for our patients and our hospital.
Wish you were here? So do we., Join us at the Norfolk and Norwich University Hospital and be part of a workforce of over 10,000 staff!
The NNUH is one of the largest NHS trusts in the UK, providing first-class acute care for around one million people, living in Norfolk and surrounding areas. We are a teaching and research hospital, at the forefront of innovation, home to state-of-the-art facilities, such as the Quadram Institute. We are pleased to work closely with the University of East Anglia, providing teaching opportunities for our staff and placement opportunities for their students. We attract some of the best and leading professionals from across the country and are proud that our workforce represents 94 countries from across the world.
We are a friendly, collaborative hospital, working with local services and home to N&N Hospitals Charity
We can offer you the full range of NHS benefits/discounts and in addition:
+ Flexible working hours
+ Fast Track Staff Physiotherapy Service
+ Multi Faith prayer room
+ Discounted gym memberships
+ Excellent pension scheme and annual leave entitlement
+ Wagestream - access up to 40% of your pay as you earn it
+ Free Park & Ride service direct to NNUH site
+ Free 24-hours confidential counselling support
+ On-site Nursery
+ On-site cafes offering staff discounts
+ Support in career development
+ Flexible staff bank
+ Salary Sacrifice schemes including lease cars, Cycle to Work scheme and home electronics