Data Protection Officer
At Clinical Partners, we are proud to be one of the UK's leading providers of mental health services, working across both private and NHS sectors to support individuals and families facing emotional and psychological challenges. Our commitment to delivering safe, high-quality care is at the heart of everything we do.
We are seeking an experienced DPO to join our Governance & Compliance function. The incumbent will help ensure organisational compliance with the UK GDPR, the Data Protection Act 2018, and other relevant legislation and will act as an independent advisor and monitor, supporting governance, risk, and assurance activities across the organisation and serving as the primary contact for data subjects and the Information Commissioner's Office (ICO).
This is a hybrid role that may require occasional travel to our offices in Semley or London.
Key Responsibilities:
* Monitor internal compliance with data protection legislation and organisational policies.
* Advise on and review Data Protection Impact Assessments (DPIAs) and co-ordinate Records of Processing Activity (ROPA) registers
* Lead investigations into data breaches and ensure timely reporting to the ICO.
* Maintain and review the Data Incident Tracker and ensure appropriate classification and resolution.
* Support audits and regulatory reviews, including ISO and CQC assessments.
* Develop and deliver data protection training across the organisation.
* Serve as the point of contact for data subjects and the ICO.
* Provide expert advice to senior leadership and collaborate with clinical and operational teams.
* Ensure fulfilment of NHS DSPT obligations and Cyber Assessment Framework, ISO27001 alignment.
* Manage the Subject Access Request process, regular reporting of KPI's in relation to this
* Line manage the Subject Access Administrator
* Support the supplier validation process from a data protection and IT security perspective
Requirements:
Essential
* Minimum 3 years' experience in data protection, information governance, or compliance.
* In-depth knowledge of UK GDPR, Data Protection Act 2018, and NHS DSPT requirements.
* Experience managing data breaches, DPIAs, and regulatory submissions.
* Strong understanding of risk management and audit processes.
* Qualification in Data Protection
* Experience of people management
* Experience of managing SAR's, complaints and incidents relating to data breaches
* Experience in advising on supplier validation and assurance in relation to data protection and IT security
* Excellent analytical and problem-solving skills.
* Strong written and verbal communication, including report writing.
* Ability to manage sensitive information with discretion and integrity.
* Proficiency in Microsoft Office and data governance platforms.
* Strong understanding of UK GDPR Articles 3739 and their practical application, NHS DSPT and Online Safety Act 2023 implications for digital services.
Desirable
* Formal qualification in Data Protection (e.g., CIPP/E, BCS DPO Certificate).
* Experience in healthcare or regulated sectors.
* Familiarity with ISO 27001, CQC standards, and Cyber Assessment Framework.
* Ability to influence and advise senior stakeholders.
* Experience with SharePoint, risk registers, and incident tracking tools.
* Knowledge of Gender Recognition Act 2004 and handling of special category data, cross-border data transfer regulations and adequacy decisions and application of AI and data security implications
Remuneration and Benefits:
* Salary starting from £50,000 per annum
* 25 days paid holiday (increasing with service to 28 days) plus bank holidays.
* A day off for your birthday.
* Healthcare Cash Plan
* Benefits Platform
* Life Assurance
* Discount Vouchers
* Flexible working opportunities to suit your personal needs
* Opportunities to take part in charitable events
* Access to a Wellbeing portal and Employee Assistance Programme (EAP)
Equal Opportunities Employer:
At Clinical Partners we are committed to creating an inclusive and diverse workplace. We believe that everyone deserves an equal opportunity to succeed, regardless of their background, race, gender, age, disability, sexual orientation, or any other characteristic. We welcome applications from all qualified candidates and strive to provide a supportive and respectful environment for all employees.
DBS Check Requirement:
Please note that this position requires a Disclosure and Barring Service (DBS) check as part of our commitment to safeguarding and ensuring the safety of our clients and staff. The successful candidate will be required to undergo a DBS check before commencing employment.