Job Summary
The postholder will lead on all aspects of Information Governance, assume the role of Data Protection Officer and Privacy Officer for the Trust (DPO / PO), be responsible for the Freedom of Information function (FOI) and coordinate the submission of the Data Security and Protection Toolkit (DSPT).
Main duties
* Develop strategy, policy and guidance to promote best practice as defined by the Data Security and Protection Toolkit and to comply with all relevant legislation.
* Improve the Information Governance service delivered to the Trust, including manager training, documentation development and process improvement.
* Act as the source of expertise on Information Governance issues, legislation and local policies and procedures.
* Take responsibility for the management of Freedom of Information requests.
* Produce and co‑ordinate regular reports for the Information Governance Steering Group, Digital Services meetings and the Executive/Trust Boards.
* Act as Privacy Officer, receiving and investigating SCR notifications; act as Data Protection Officer, providing support, advice and assurance of compliance across the Trust.
About Us
Ashford and St. Peters Hospitals NHS Foundation Trust serves a population of more than 410,000 people in North‑West Surrey, including parts of Hounslow. Over 3,700 highly trained staff provide a wide range of services across our two hospital sites, Ashford and St. Peter’s, Chertsey. We also run many specialist clinics in the community and other healthcare facilities. Our vision is to be one of the best healthcare Trusts in the country. We are committed to continuous professional development and flexibility to shape our workforce around patient care.
Benefits
* Excellent pension scheme and annual leave entitlement
* On‑site nurseries
* On‑site staff cafés
* On‑site parking
* Support in career development
* Salary sacrifice schemes including wage stream, lease cars, Cycle to Work schemes and home electronics
Adverts may close early, so applicants are encouraged to submit an application as soon as possible.
For more information about a career at ASPH please visit www.asph-careers.org.
Details
Date posted: 14 November 2025
Pay scheme: Agenda for change
Band: 7
Salary: Depending on experience WCP
Contract: Permanent
Working pattern: Full‑time
Reference number: 323-AC8972-SK
Job location: St. Peter’s Hospital, Chertsey, KT16 0PZ
Job responsibilities
Expertise and Advice
* Act as a source of expertise on Information Governance issues to all relevant areas of the Trust.
* Advise on Information Governance issues, especially Information Security, Data Protection and Freedom of Information, and ensure best practice.
* Provide advice and support in the investigation and management of Information Governance incidents, including national reporting.
* Work with and support the Trust leads for other aspects of Information Governance to attain highest possible levels of Data Security and Protection Toolkit standards.
* Develop Trust procedures and processes for all areas of Information Governance, including record keeping, transfers, security and sharing.
* Examine and advise on computer security policies with the Head of Digital Infrastructure and Cyber Security colleagues.
* Maintain up‑to‑date knowledge of new developments in Data Protection legislation.
* Provide advice on rights for data subjects and keep the Trust’s privacy notice regularly reviewed.
* Manage Data Subject Access Requests from a wide range of external organisations.
Leadership and Managerial
* Assume the role of Data Protection Officer (DPO), report directly to the Trust Board and act independently of other staff.
* Provide support, advice and assurance of compliance across the Trust.
* Maintain expert knowledge of data protection law and how it applies to the Trust’s business.
* Serve as first point of contact for all data protection matters.
* Support programmes involving data protection impact assessments (DPIs) and data sharing agreements.
* Consult with the Information Commissioner’s Office when required.
* Ensure the Information Governance team operates effectively.
* Cooperate with the ICO on compliance matters and breach management.
Reporting
* Manage the Data Security and Protection Toolkit, control user access, provide training and report to the Information Governance Steering Group.
* Attend steering group meetings and deliver progress reports.
* Coordinate statutory and external audits of Information Governance.
* Act as Privacy Officer for user access to various systems.
* Carry out quarterly unannounced spot checks to gauge compliance.
* Investigate, manage and report cyber incidents.
Service Improvement and Training
* Deliver the Information Governance Improvement/Action Plan and coordinate the annual audit.
* Co‑ordinate and ensure delivery of an improvement plan to meet data security standards.
* Lead the development and roll‑out of training programmes for staff.
* Lead on development of Information Governance documentation and SOPs.
Communications and Engagement
* Work with similar posts in partner organisations across the local health economy.
* Maintain the Trust’s Information Governance section on the intranet.
* Manage the Information Governance, Caldicott and Police Liaison mailboxes.
General responsibilities
Provide support to the department and the organisation by carrying out any other duties that reasonably fit within the scope of this role.
Person Specification
Essential qualifications
* Degree in a related information subject or evidence of professional training of an equivalent standard or equivalent experience in the field.
Essential experience
* Good understanding of the NHS Information Governance agenda and toolkit.
Desirable experience
* Experience working within the NHS.
Essential knowledge
* Working knowledge of the Data Security and Protection Toolkit, Data Protection Act 2018, General Data Protection Regulation (GDPR) and Freedom of Information Act 2000.
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and a Disclosure and Barring Service check will be required.
Employer details
Employer name: Ashford & St. Peter's Hospitals NHS Foundation Trust
Address: St. Peter’s Hospital, Chertsey, KT16 0PZ
Website: https://www.ashfordstpeters.nhs.uk/
#J-18808-Ljbffr