Data Protection Officer
| Location | Ballymena |
| Sector | |
| Job type | Temporary |
| Salary | Up to £22.09 per hour |
| Published | over 1 year ago |
| Start date | asap |
| Contact email | Louise McCollum |
| Job ref | BMDPO55_1651746957 |
Job description
MAIN DUTIES AND RESPONSIBILITIES
1. Service Delivery
1.1. To fulfil the role of Data Protection Officer for Council with oversight of the statutory responsibilities associated with the General Data Protection Regulations and Data Protection Act.
1.2. Lead the development, implementation and maintenance of a Corporate Data Protection policy for Council and integrate the statutory responsibilities of Data Protection into other relevant Council Policies and procedures.
1.3. Inform and advise Council and its employees about their obligations to comply with the General Data Protection Regulations and other data protection laws.
1.4. Lead on the monitoring of performance and compliance with the General Data Protection Regulation and other data protection laws assessing Departmental conformance through internal audit and procedural reviews.
1.5. Responsible for the strategic oversight of information governance arrangements across Council and the operational delivery of an Information Governance Steering Group.
1.6. Lead on identifying key factors within Central and Local Government landscapes impacting the strategic direction for Council in relation to Data Protection.
1.7. Implement procedures for undertaking Data Protection Impact Assessments (DPIA) and advise Council Officers in the delivery of DPIA.
1.8. Review Council's Data Protection Agreements with external organisations and advise on improvement where necessary to ensure statutory compliance.
1.9. Manage internal data protection activities across Council to ensure statutory and legislative compliance.
1.10. Responsible for performance of Council's statutory duties under the Data Protection Act, including the processing of Subject Access Requests from data subjects.
1.11. Be the first point of contact for supervisory authorities and for individuals whose data is processed (employees, customers etc.).
1.12. Lead responsibility for the internal management of a data breach, reporting to the Senior Information Risk Owner and Senior Management, advising on notification process and engagement with stakeholders.
1.13. Be the first point of contact for Senior Management and employees to advise on data protection matters and provide appropriate knowledge of data protection law and best practice.
1.14. Develop and implement Council privacy notices across all relevant business areas in relation to data protection.
1.15. Identify, organise and deliver Data Protection training across Council to build organisational capacity and awareness in data protection matters.
1.16. Responsible for the drafting of key reports and papers to support the Head of Corporate Services in the execution of their duties.
1.17. Represent Council on regional subgroups.
1.18. Lead and manage Council's Data Retention and Disposal Schedule in line with Council policy and legislative requirements.
1.19. Provide support to the Policy Manager on policy team matters and work in collaboration with the Policy Team as required.
ESSENTIAL CRITERIA;
Applicants must have a minimum of a degree in a relevant subject e.g. Business, English, Law, Politics or Sociology.
AND
Be able to demonstrate, by providing personal and specific examples, that they have three years' relevant experience in a role overseeing and leading data protection in an organisation.
Candidates must be able to demonstrate three years' experience in the following areas:-
* An in-depth understanding and knowledge of current UK data protection requirements under the Data Protection Act 2018 and General Data Protection Regulation;
* Ability to work effectively in a data protection role at a senior level;
* Proven ability to work in partnership with a range of stakeholders to develop and implement strategies, policies or initiatives which deliver positive outcomes;
* Supporting and advising Elected Members and other stakeholders within a partnership working framework;
* Ability to influence persons at all levels of an organisation.
Alternatively consideration may be given to candidates who do not possess the required educational qualifications but who can demonstrate five years' experience in a data protection
Candidates must be able to demonstrate five years' relevant experience in a role overseeing and leading data protection in an organisation
Candidates must be able to demonstrate three years' experience in the following areas:-
* An in-depth understanding and knowledge of current UK data protection requirements under the Data Protection Act 2018 and General Data Protection Regulation;
* Ability to work effectively in a data protection role at a senior level;
* Proven ability to work in partnership with a range of stakeholders to develop and implement strategies, policies or initiatives which deliver positive outcomes;
* Supporting and advising Elected Members and other stakeholders within a partnership working framework;
* Ability to influence persons at all levels of an organisation.
Knowledge of legislative and regulatory frameworks for information and records management. Including, but not limited to, the Data Protection Act 2018, Freedom of Information Act, Privacy and Electronic Communications Regulations, General Data Protection Regulation (GDPR).
A sound understanding of the legislative frameworks governing the work of the Department.
Practical understanding of the main issues and developments impacting on the areas of responsibility within the post.
A clear understanding of the workings of local government and the wider environment and political context in which it operates.
(Full Job Description available on request)
