Contract Information Governance Officer / Data Protection Officer (DPO) | NHS 6 Months - Outside IR35 Lancashire - 1-2 days per week onsite Rate: Dependent on experience We are currently seeking an experienced Information Governance Officer / Data Protection Officer (DPO) to support a key NHS organisation in maintaining the highest standards of data protection, compliance, and information security on a day rate contract. This is a fantastic opportunity to play a critical role in ensuring patient data is handled securely and in line with regulatory requirements, while supporting operational teams across the organisation. Key responsibilities - Provide expert advice on information governance, data protection, and confidentiality - Ensure compliance with UK GDPR, Data Protection Act 2018, and NHS IG frameworks - Lead on Data Protection Impact Assessments (DPIAs) and risk assessments - Manage and respond to data breaches, incidents, and subject access requests (SARs) - Support audits, policy development, and staff training on IG best practices - Act as (or support) the organisation's Data Protection Officer function Key requirements: - Proven experience in an NHS Information Governance or DPO role - Strong knowledge of UK GDPR, Data Protection Act 2018, and NHS DSP Toolkit - Experience handling SARs, DPIAs, and data breach investigations - Excellent stakeholder engagement and communication skills - Project experience