Job overview
We are seeking an experienced and motivated Data Protection Lead to play a key role in strengthening and embedding the data protection framework across NWL Pathology, hosted by Imperial College Healthcare NHS Trust. This is an exciting opportunity to support one of the largest NHS pathology networks in the country, ensuring that patient, staff, and organisational data is managed in line with legal, regulatory, and NHS standards.
As Data Protection Lead, you will act as a subject matter expert, providing specialist advice and guidance on data protection, information governance, and privacy compliance. You will work closely with senior leaders, clinicians, and operational teams to support data protection compliance, and ensure that data protection risks are effectively identified and managed. You will also play a pivotal role in building awareness and capability across the network, helping staff understand their responsibilities for safeguarding sensitive information.
We are looking for a proactive individual with strong knowledge of data protection legislation, including UK GDPR and the Data Protection Act 2018, alongside experience of applying this within complex organisations, especially the NHS. The successful candidate will have excellent communication and influencing skills, the ability to balance regulatory requirements with operational needs, and a collaborative approach to problem-solving.
Main duties of the job
Working as a Data Protection Lead, the post-holder will support the DPO Team in promoting adherence and compliance to Data Protection best practice in ICHNT, especially in relation to NWL Pathology.
Supporting data protection matters relating to New Systems of ICHNT, especially in relation to NWL Pathology.
Supporting data protection matters relating to Privacy cases of ICHNT, especially in relation to NWL Pathology, such as incident management, data subject rights requests etc.
Supporting data protection matters relating to Secondary Use cases of ICHNT, especially in relation to NWL Pathology, such as research, audits, service evaluations etc.
Supporting data protection matters relating to the Training Needs Analysis of ICHNT, especially in relation to NWL Pathology.
Supporting data protection matters relating to Policies and Privacy Notices of ICHNT, especially in relation to NWL Pathology.
Supporting data protection matters in relation to the Risk Register of ICHNT, especially in relation to NWL Pathology.
Supporting the overall NWL Pathology Data Protection Framework.
Supporting all other data protection matters in relation to NWL Pathology that may not directly fall within a ‘category’ as above.
The post-holder is instrumental in helping the team support the data protection strategy.
The post-holder will be responsible for developing a compliant data protection framework for NWL Pathology and supporting the overarching ICHNT data protection framework further.
Working for our organisation
At Imperial College Healthcare you can achieve extraordinary things with extraordinary people, working with leading clinicians pushing boundaries in patient care.
Become part of a vibrant team living our values - expert, kind, collaborative and aspirational. You’ll get an experience like no other and will fast forward your career.
Benefits include career development, flexible working and wellbeing, staff recognition scheme. Make use of optional benefits including Cycle to Work, car lease schemes, season ticket loan or membership options for onsite leisure facilities.
We are committed to equal opportunities and improving the working lives of our staff and will consider applications to work flexibly, part time or job share. Please talk to us at interview.
Detailed job description and main responsibilities
The full job description provides an overview of the key tasks and responsibilities of the role and the person specification outlines the qualifications, skills, experience and knowledge required.
For both overviews please view the Job Description attachment with the job advert.
Person specification
Education/ Qualifications
Essential criteria
1. English Law Degree
2. Demonstrable evidence of Continuous Professional Development (CPD)
Desirable criteria
3. Masters in any area of Law
4. Certified Information Privacy Professional (CIPP/E)
5. Certified Information Privacy Manager (CIPM)
6. PRINCE2
7. Excellent IT Skills (WordExcel/Access/PowerPoint /or equivalent)
8. Understanding of Policy / Procedure / Process etc.
Experience/Knowledge
Essential criteria
9. Experience in the NHS
10. Experience in Data Protection
11. Excellent understanding of the EU / UK General Data Protection Regulation
12. Excellent understanding Data Protection Legislation
13. Excellent understanding of the Common Law Duty of Confidentiality
14. Excellent understanding of the Information Commissioners’ Office
Desirable criteria
15. Experience of working in the healthcare setting
16. Experience of data protection law applied to a healthcare setting
17. Experience in dealing with NHS operational and strategic issues
18. Experience in delivering a Data Security & Protection Toolkit
19. Experience in delivering / maintaining Records of Processing
20. Experience in developing a Data Protection Framework
21. Experience in managing data protection risks and issues.
Skills / Abilities
Essential criteria
22. Excellent Presentational Skills
23. Excellent Written Skills
24. Excellent Legal Research
25. Working effectively under pressure and meeting tight deadlines
Please ensure you check your emails regularly as this is how we will communicate with you throughout the recruitment process. If you are shortlisted you will be contacted by email and text message (if you provide a mobile contact number).
Employer certification / accreditation badges