This may take a few moments.
We've detected a partial application for this role in our system. Would you like us to send you a link to resume your existing application?
If you have a medical condition, the Equality Act 2010 requires employers to make reasonable adjustments to the job content or working environment. To achieve this, we need to know whether you are covered. Definition of Disability: “A physical or mental impairment which has a substantial and long-term effect on a person’s ability to carry out normal day-to-day activities in a non-work environment.”
There are 6 million carers in the United Kingdom and nearly one in eight workers are carers. With an ageing population and an expected increase of 60% of carers in the next 30 years, we would like to monitor the number of people with caring responsibilities.
DATA PROTECTION ASSISTANT
Department: Information Governance / Data Protection
Reports To: Data Protection Officer (DPO)
Location:
Hours: Full Time
Salary:
Job Purpose
The Data Protection Assistant supports the Data Protection Officer (DPO) in delivering Harbour Healthcare's data protection and information governance programme across its residential and nursing care services.
The post holder will assist in managing Subject Access Requests, third-party disclosure requests, deceased resident record requests, NHS Continuing Healthcare requests, data incidents, records management activities, audits, compliance monitoring and regulatory enquiries.
The role acts as a key point of contact for care homes, operational teams, residents, relatives, legal representatives, healthcare professionals, regulators and external agencies, ensuring personal information is handled lawfully, securely and in accordance with UK data protection legislation and information governance requirements.
Key Responsibilities
Subject Access Requests and Data Rights
• Coordinate and administer Subject Access Requests (SARs) and other rights requests received under UK GDPR.
• Verify identity and authority of requestors.
• Log requests and monitor statutory deadlines.
• Liaise with care homes and departments to obtain records.
• Review information received for completeness.
• Prepare disclosure packs for review and release.
• Maintain accurate audit trails and request records.
• Escalate complex requests to the DPO.
Third-Party Information Requests
• Support the assessment and administration of third-party requests for information.
• Review evidence of authority including:
Deceased Resident Record Requests
• Support requests made under the Access to Health Records Act 1990.
• Verify entitlement and authority to access records.
• Coordinate retrieval of archived records.
• Prepare records for disclosure and review.
Records Review and Redaction
• Review records prior to disclosure.
• Identify third-party information requiring redaction.
• Apply redactions in accordance with Harbour Healthcare procedures.
• Maintain disclosure schedules and audit trails.
• Ensure information released is accurate, relevant and authorised.
Data Incident and Breach Management
• Log information governance incidents and near misses.
• Conduct initial fact-finding and evidence gathering.
• Support investigations into suspected data breaches.
• Assess potential risks to individuals.
• Track corrective and preventative actions.
• Escalate significant incidents to the DPO.
• Maintain breach and incident registers.
Records Management and Archiving
• Support compliance with records retention schedules.
• Assist care homes with records retrieval and archiving processes.
• Maintain records management logs and registers.
• Support archive reviews and secure destruction activities.
• Assist with records management audits.
Care Home Support
• Provide day-to-day information governance advice to care home managers and administrators.
• Assist homes in locating, collating and securely transferring records.
• Support operational teams with data protection queries.
• Promote compliance with Harbour Healthcare policies and procedures.
Governance Systems and Reporting
• Maintain records within governance systems including Radar Healthcare and associated compliance systems.
• Monitor request and incident workflows.
• Produce reports, statistics and management information.
• Support governance meetings and reporting requirements.
Person Specification
Essential
• Experience working in an administrative, compliance, governance or information management role.
• Excellent organisational and record-keeping skills.
• Strong written and verbal communication skills.
• High level of attention to detail.
• Ability to manage multiple priorities and deadlines.
• Ability to handle sensitive and confidential information appropriately.
• Proficient in Microsoft Office 365 applications.
• Ability to work independently and as part of a team.
Desirable
• Experience within health or social care.
• Experience handling Subject Access Requests or disclosure requests.
• Experience investigating incidents or complaints.
• Knowledge of:
Key Relationships
• Data Protection Officer
• Home Managers
• Regional Teams
• Operations Team
• Quality and Compliance Team
• Human Resources
• Information Technology Team
• Residents and Relatives
• NHS and Local Authority Professionals
• Regulators and External Agencies
Additional Requirements
• Ability to travel occasionally to services and meetings.
• Commitment to maintaining confidentiality and professionalism at all times.
• Willingness to undertake relevant training and professional development.
This role is subject to satisfactory references and an enhanced DBS check.