Data Protection & Information Governance Manager Candidate Information Pack
Working in partnership with
Thank you for your interest in the role of Data Protection and Information Governance Manager. I do hope you will it some serious thought. In this role, you will have a real chance to influence the design and future of the University’s data protection and information governance work, following a redesign of the team. You will be a key member of the new Governance, Compliance and Risk team, located at the heart of the University and working with stakeholders right across it to build the data protection and information governance function, increasing its reach and visibility across the staff. It’s a really exciting time to join the University. We have just approved a new strategy and we are in the process of reorganising to ensure that we can deliver it. The new Data Protection and Information Governance Manager will hold a vital role in ensuring that as we move towards our strategic goals, we do so with excellent data protection and information governance principles and processes built in and embedded. As we move forward, we will need your expertise, proactivity and influencing skills to ensure this. You will find the University and its staff open, creative and forward- thinking. We work in a dynamic and collaborative environment which encourages teamwork and recognises Welcome.
the significance of individual contribution. Working in a central environment with a network across the University, you will contribute to this culture as well as being part of it. You will also be a key part of a place with real positive impact on society. We are committed to providing exceptional education and a supportive environment for our diverse community of students. We value and nurture diversity and we are committed to sustainability, social responsibility and community engagement. Working here will contribute to the significant impact we have on the lives of students, staff and the wider community. That is something I personally value. My vision for the data protection and information governance function is to facilitate collaboratively the work of our colleagues, helping them to manage data and its risks efficiently and smartly. If this appeals to you, I encourage you to explore this candidate pack and consider being a part of the University and the team. With best wishes Miriam Lakin, Associate Director of Governance, Compliance and Risk
Executive summary About us Governance, Compliance & Risk The role Working at the University of Northampton How to apply
“Only when you
experience a place do you learn how to make it your own.”
About us.
The University of Northampton is one of the youngest universities in the UK, gaining full university status and research degree awaring powers in 2005. Whilst we may be a ‘new’ University, we have made our impact in the Higher Education sector. We are committed to doing things differently; for example, we were the first University in the UK to be named as a Changemaker Campus in 2012 and are dedicated to creating social impact in all that we do. Our overt focus on positive change was spearheaded by our relocation to Northampton town centre with the opening of our Waterside Campus for the 2018/2019 academic year. The impetus of this bold move was to create a learning experience based on how our students
want to learn, rather than how it is expected, whilst also securing the sustainable future of our University. Since 2018, we have embraced our purpose- built state-of-the-art campus, being witness to many day-to-day interactions/experiences of our University community within our new physical estate. Listening and learning from those experiences, has allowed us to identify further opportunities to evolve. Against a backdrop of sustained growth in student numbers, with 2022 marking our current record year, this is an exciting era for the University of Northampton. Our recent achievements can be viewed at northampton.ac.uk/about-us/our-achievements/
Becky Bradshaw, Chief Operating Officer
The Governance, Compliance & Risk Team
Chair of the Board
Vice Chancellor & CEO
Chief Operating Officer
Director of Estates & Campus Services
Associate Director of Governance Compliance & Risk
Director of Marketing & Student Recruitment
Director of Human Resources
Academic Registrar
Chief Information Officer (IT Services)
Director of Global Engagement
Information Governance
Legal Services
Risk Management
Governance
Health & Safety Management
Risk & Business Continuity
The role.
Principal duties & responsibilities • To act as the University’s Data Protection Officer as defined under the UK General Data Protection Regulation (GDPR). • To lead on the development of the University’s approach to data protection, freedom of information, information governance and records management, keeping the University informed about changes in relevant legislation and making recommendations on best practice and the improvement of compliance. • To provide expert information and advice on the University’s obligations under data protection and freedom of information legislation, and on records management and information governance. • To monitor the University’s compliance with the Data Protection Act 2018, Freedom of Information Act (FOI) 2000 and other applicable law or regulation. To report on this and to escalate non- compliance as necessary. • To work with staff across the University to promote a culture of effective information governance which sustains high standards of compliance. • To review, develop, update and implement, in conjunction with other appropriate staff, data protection, information governance and records management policies, and the procedures and processes for ensuring purpose and compliant with relevant legislation. To monitor and report on policy and process compliance. • To analyse the University’s activities with personal data with a view to preventing non-compliance. compliance with these. To ensure policies and processes are fit for
• To be responsible for the maintenance of the University’s Freedom of Information Publication Scheme, ensuring its accurate and timely updating. • To develop and maintain appropriate guidance documentation for staff. • To devise, deliver and maintain guidance and staff development and training in data protection, GDPR, freedom of information and information governance, working with other colleagues as appropriate. • To ensure a contact point and contact details are clear and visible to individuals whose data is processed, and that individuals contacting the team receive timely, accurate and sensitive responses. • To maintain a thorough awareness of developments in higher education, data protection, freedom of information and information governance, liaising with other DPOs to share and learn from best practice. To provide timely advice to the University on the implications of new developments. • To represent the University externally as appropriate. • To be the first point of contact for the Information Commissioner’s Office. • To represent the Governance, Compliance and Risk team at University committees and working groups as requested by the Associate Director of Governance, Compliance and Risk to liaise internally and externally about the storage of records. • To take responsibility for their own personal development to contribute to the overall strategic direction of the Governance, Compliance and Risk team.
• To assess the risks of data processing activities and design policies and procedures accordingly. To provide advice to senior management, data controllers and processors about the risks of data processing activities. • To be responsible for the management of subject access and FOI requests in accordance with the applicable legislation. • To advise on Data Protection Impact Assessments (DPIAs) and monitor their completion and conclusions in accordance with legal/regulatory requirements to ensure that there are mechanisms for carrying out DPIAs which are robust and visible. • To record and investigate data breaches and information security incidents with the intention of preventing future reoccurrence and protecting individuals’ data and the organisation to ensure that records of data breaches and information security incidents are kept. • To ensure that information audits take place as necessary. To be responsible for the completion of audits and/or mapping of information, data, and processes and for reporting on these. • To ensure that records of the processing are kept by the University in accordance with GDPR Article 30. • To provide as required high quality information, data, and reports about the work and findings of the data protection and information governance team. • To establish, develop and maintain a records retention schedule for the University’s corporate records in line with relevant legislation and best practice. To monitor compliance with the records retention schedule and promote the use of best practice records management throughout the University.
Job Title
Data Protection & Information Governance Manager Associate Director of Governance, Compliance and Risk 8
Grade
Responsible to
Overall purpose • To lead the University’s data protection and information governance service and team. • To be the University’s lead on data protection, freedom of information, information governance and records management and in particular to advise on compliance in these areas. • To develop and implement the policies and procedures that ensure compliance.
Core people management duties and responsibilities
• Lead, develop and empower the Data Protection and Information Governance team, ensuring the delivery of effective and efficient services and fostering an inclusive and high performing culture. This includes the line management of the Information Governance Officer and Information Governance Administrator • Regularly review staffing to ensure maximum effectiveness and efficiency is delivered whilst providing high quality leadership and management for all staff in the department. • Plan resources (human and capital) to ensure adequate coverage to meet the needs of the service whilst recognising employee wellbeing. • Manage performance and behaviour (including the PDR and the Probation period) of a team on an ongoing basis. • Monitor leave and absence of the team on an ongoing basis. Approve annual leave requests, manage poor attendance and support staff with ongoing ill health issues. • Monitor and approve development opportunities to meet changing needs of the University and personal development. • Communicate effectively at all levels, ensuring relevant information is cascaded to the team and allow for two-way communication including team meetings and 1-2-1’s. • Foster wellbeing of team members ensuring maintenance of work life balance, adherence to Working Time Regulations and providing opportunities for staff to raise issues e.g. through regular 1-2-1 meetings. • Undertake all aspects of recruitment in accordance with University policy and procedure, for both within the team and supporting other departments and faculties across the University. • Undertake investigations and undertake role of hearing manager in cases of disciplinary and grievance for employees across the University in line with University Policy and procedures.
Generic duties and responsibilities
• The post holder will be expected to undertake other responsibilities and tasks as reasonably requested by the Associate Director of Governance, Compliance and Risk. • The post holder will be responsible and accountable for ensuring all em - ployment legislative requirements are adhered to including equality and diversity and health and safety issues. • The job description may be altered at any time in the future in line with the level of the post to meet changing institutional requirements, but only in full consultation with the post holder.
Person specification.
Qualifications Essential: • A degree or equivalent experience in infor - mation governance data protection or a related discipline Desirable: • Masters qualification in a related discipline • Professional qualification in data protection, GDPR or management Personal qualities Essential: • Excellent oral and written communication skills • Ability to liaise calmly, professionally and effectively with a diverse group of people at all levels, both within and outside the University • Ability and willingness to learn and enhance own skills and experience • Self-motivated and organised • Able to work on own initiative, and as part of a team, and collaboratively • Ability to adapt to organisational change • Excellent interpersonal skills, including diplomacy, influencing and persuading skills • Ability to adapt to technological change
Skills, knowledge and experience Essential: • Experience of working in data protection, GDPR, information governance or records management in a complex environment • Extensive knowledge of data protection, GDPR, information governance and records management best practice, standards and legal compliance • Knowledge and/or experience of data pro - tection, GDPR, information governance and records management issues in higher educa - tion • Experience of researching and writing poli - cies, procedures and guidance on best prac - tice • Ability to interpret complex legislation, codes of practice and related documents and trans - late these into accessible advice • Ability to develop a thorough understanding of business processes in higher education • Knowledge of recent trends and develop - ments in information governance • Experience of developing effective policy and regulation to support governance processes, preferably in a higher education setting. • Experience of carrying out Data Protection Impact Assessments (DPIAs) • Ability to identify and undertake vital conver - sations appropriately • Ability to delegate appropriately Desirable: • Experience of application of IT to information governance and records management • Demonstrate an understanding of HR poli - cies and procedures • Experience of managing staff
Desirable: • Project management skills
Community, bringing together teams from across the University to support, improve and promote the wellbeing and physical and mental health of those living, studying and working here. • We have trained over 130 Mental Health First Aiders to ensure we have a network of staff who have the knowledge and confidence to recognise the signs and symptoms of common mental health issues and can signpost you towards the right support • We have a number of staff networks to support you including New Parents, LGBT+, GEM (Global Ethnic Majority) and Women • Our Employee Assistance Programme which is provided by our Occupational Health partner includes advice and counselling services to offer support through times of difficulty. Work - life balance/smarter working We want you to be able to carry out your work in a way that best supports UON and our students, but also you as an individual. We understand what that looks like will vary between different areas of the University as well as from one person to another. With Smarter Working you can work with increased flexibility, if you would like to, to facilitate greater freedom, autonomy and to better support each of us as individuals. Should you have family/caring responsibilities, we also have a whole package of family-friendly policies that provide for flexible working, maternity, paternity, shared parental and adoption leave, and leave for family emergencies. Environment We have reaffirmed our commitment to combating climate change and have pledged to become net zero carbon by 2030. We have also retained our green accreditation in Investors in the Environment.
Pension scheme The Local Government Pension Scheme (LGPS) is the main scheme for professional services staff and is worked out every scheme year and added to your pension account. The pension added to your account is equal to a 49th of your pay in that year. At the end of every scheme year the value of the pension in your account is adjusted to take into account the cost of living (as currently measured by the Consumer Prices Index (CPI). After you retire your pension will also keep pace with cost of living increases. It also includes immediate life cover and a pension for your husband, wife, civil partner or nominated cohabiting partner and eligible children in the event of your death and, if you ever become seriously ill, and you've paid in for at least 2 years, you could receive immediate ill-health benefits. Health insurance Health insurance is provided for single, individual coverage. There is also the option to purchase cover for a partner and/ or family at your own cost. Career development Since education is part of our core business, we care deeply about career and personal development. You’ll benefit from: • a structured induction programme for new starters, to make you feel welcome and part of our team • an annual performance and development review, to help identify your career aspirations and structure your individual development plan • access to an extensive programme of courses, designed by our in-house Staff Development team, for all career stages • access to LinkedIn Learning – a library of high quality training videos that cover a wide range of subjects. Employee wellbeing At the University of Northampton, we believe in the importance of health and wellbeing and we aim to ensure it underpins the staff and student experience at all stages. With this in mind we have introduced the Waterside Wellbeing
Working at the University of Northampton. Our mission is to transform lives and inspire change. We aim to ensure you have a positive experience of working with us by providing a supportive and caring environment. We also have a unique commitment to social impact which means we support our staff and students to have a positive effect on the world and society.
Generous benefits package
Our job opportunities all include an excellent benefits package that includes many features that are hard to find in the private sector: • Generous annual leave allowance, including Christmas/New Year closure - 35 days plus bank holidays and University closed days • Pension scheme membership to provide benefits for you and your family • Generous sick pay • Employee Assistance Programme with advice line and counselling • Learning and development opportunities; • Cycle to Work Scheme • Long service awards • Staff discounts on a range of products and local services including the ability to purchase a TOTUM student discount card which gives you access to over 350 student discounts.
How to apply.
For a confidential discussion to learn more about the role and opportunity, please contact the University of Northampton’s appointed recruitment partner Sian Gardiner of MRG University People: sian.gardiner@universitypeople.co.uk Applications should consist of a CV and covering letter and should be sent to northampton@universitypeople.co.uk Closing date for applications is Sunday 3rd September 2023. Final Interviews will take place at our Waterside Campus on Friday 22nd September 2023. The University of Northampton is committed to providing a vibrant, ethical and sustainable work, study and living environment that values equality, diversity and inclusion. This commitment, along with our legal and moral obligations, provides an inclusive environment for staff, students and the public who may be affected by our activities. Together @ UON confirms our commitment to equality and inclusion, underpinned by our belief in taking action. We are dedicated to creating an environment that celebrates equality and harnesses the power of diversity. Together @ UON demonstrates our pledge to our staff, students and partners to nurture and develop an environment where equality and inclusion can thrive whilst we Transform Lives and Inspire Change
northampton.ac.uk
Working in partnership with
Page 1 Page 2-3 Page 4-5 Page 6-7 Page 8-9 Page 10-11 Page 12-13 Page 14-15 Page 16Made with FlippingBook - Online Brochure Maker