Job Title
Quality and Compliance Officer
Location
Remote, with occasional travel to the company office (Skegness).
Reporting to
Commercial Director
Hours
Full time. 9am to 5.30pm, Monday to Friday. Part time will also be considered.
Contract
Permanent
Salary
£40,000 per annum. Negotiable DOE.
Introduction
Established in 2010, Inform Health is an award‑winning software company, providing software applications to support Sexual Health, HIV, and Sexual Assault Referral Centre (SARC) provider services.
In 2019 Inform launched a new and exciting range of patient self‑management products designed to support even greater service efficiency whilst improving patient experience. These include “Click It”, a patient self‑managed home test kit and diagnostics service, alongside a range of other complementary self‑managed booking, treatment and prescription services.
Through close collaboration with our customers, we continuously evolve, shaping solutions that meaningfully transform service delivery within the sexual health industry.
Our values are integrity, passion, innovation and expertise, which form the foundation of our success. In conjunction with our customers, we strive to make a real impact on the future of healthcare. Our mission is to empower healthcare providers and commissioners with elegant, innovative and secure software solutions that enhance service efficiency, improve patient care and provide tangible benefits to the communities they serve.
Job Purpose
The Quality & Compliance Officer is responsible for maintaining and improving Inform Health’s information security, quality and regulatory compliance frameworks.
Inform Health currently holds ISO27001:2022 certification, Cyber Essentials and Cyber Essentials Plus accreditations and complies with the NHS Data Security and Protection Toolkit (DSPT) annual assessment standards.
To support the manufacturing operations, Inform are currently progressing ISO13485:2016, and it is our aim to progress to ISO 9001:2015 standards.
This hands‑on role involves conducting audits, maintaining documentation, managing risks, completing compliance returns, and ensuring that all policies and processes meet external accreditation and regulatory requirements including ISO 27001, DSPT and applicable data‑protection legislation.
Duties and Responsibilities
Information Security & Compliance
* Maintain and update the Information Security Management System (ISMS) in line with ISO27001:2022.
* Coordinate internal and external audits for ISO 27001, DSPT, and Cyber Essentials accreditations.
* Maintain existing and create new policies, procedures and documentation in line with ISO27001:2022 and other applicable standards.
* Coordinate organisational compliance with GDPR and the Data Protection Act, supporting completion of Data Protection Impact Assessments (DPIA).
* Support customers with DPIA and DTAC and other quality requirements.
* Maintain logs of incidents, risks, and corrective actions, ensuring follow‑up and documentation.
Quality Management
* Support the development of a Quality Management System aligned with ISO 9001.
* Write, review and maintain operational policies, procedures, work instructions and templates.
* Record and manage Root Cause Analysis (RCA) and Corrective and Preventative Actions (CAPA).
* Maintain controlled documentation, audit trails, improvement logs and compliance records.
* Monitor compliance schedules, ensuring all audits, renewals and reports are completed on time.
* Support the development of a Quality Management System aligned with ISO13485:2016 for the Click It operation.
* Support registration with Medical & Healthcare Products Regulatory Agency (MHRA) of new products in conjunction with the Operational Manager (Click It).
* Ensure quality standards, policies and procedures are common throughout all systems.
Risk & Compliance Monitoring
* Maintain the company risk register and risk treatment plans.
* Perform and document risk assessments for information security and quality processes.
* Monitor compliance schedules, ensuring all audits, renewals and reports are completed on time.
* Develop and deliver staff training on GDPR, data protection, information security and the importance of compliance.
* Support staff with compliance queries and ensure consistent application of procedures.
* Develop a robust Supplier Management system maintaining supplier assurance documentation, including contracts, certifications, and questionnaires.
* Carry out supplier due diligence and compliance checks.
Reporting
* Prepare regular compliance and quality reports for management and governance boards.
* Track KPIs, audit findings, and improvement actions to demonstrate compliance performance.
Communication
* Ensure colleagues are kept up to date with all expected quality system requirements, through presentations and/or workshops.
* Introduce a regular quality update notification to all staff to share any quality news of forthcoming requirements and events.
Qualifications, Skills and Experience
Qualifications
* Degree in a relevant field (e.g. Information Security, Computer Science, IT) or equivalent professional experience.
Skills & Experience
* Strong, hands‑on experience managing and maintaining compliance with ISO 27001, GDPR, Cyber Essentials / Cyber Essentials Plus and NHS DSPT.
* Proven experience working within a HealthTech environment, NHS Supplier or healthcare information governance environment.
* Demonstrable experience in developing, writing and maintaining security and compliance policies, procedures and controls.
* Experience supporting internal audits, including audit schedules, evidence gathering and non‑conformance management.
* Strong organisational and record‑keeping skills with attention to detail.
* Excellent written and verbal communication skills.
* Ability to manage multiple compliance tasks independently.
Advantageous
* ISO 27001 or ISO 9001 Internal Auditor / Lead Auditor certification.
* Experience supporting organisational data‑protection activities (e.g., GDPR compliance, DPIAs, SARs and data governance practices).
* GDPR / Data Protection certification (e.g., CIPP/E, CIPM or BCS Data Protection).
* Familiarity with secure software development or Agile environments.
* Experience supporting ISO 9001 implementation or similar quality‑system frameworks.
Why work for Inform Health?
* With Private Medical Insurance, you’ll have peace of mind knowing you are covered in case of illness or injury.
* Take advantage of our Enhanced Pension Contributions to help you build a secure financial future.
* Our Employee Assistance Programme (EAP) offers confidential support, including counselling and financial advice, ensuring you’re supported both personally and professionally.
* Enjoy enhanced annual leave that increases with your service, giving you more time to relax and recharge when needed.
* We invest in your future. We provide Professional Development Opportunities to help you grow in your career within a supportive, dynamic environment.
* We are an Equal Opportunities Employer. We celebrate diversity in all its forms and are committed to providing an environment where people from all backgrounds, regardless of race, gender, age, religion, disability, or sexual orientation can thrive. We actively encourage individuals from diverse and underrepresented communities to apply and join our team.
* By joining us, you’ll play an essential role in improving healthcare and helping deliver high‑quality products that make a real difference in the lives of our customers and the patients they serve.
Seniority level
* Entry level
Employment type
* Full‑time
Job function
* Legal
* IT Services and IT Consulting