JOB DESCRIPTION
TITLE: Information Governance Manager incorporating Statutory Role of Data Protection Officer (DPO)
GRADE: Grade VII
REPORTING TO: Quality and Patient Safety Manager
RESPONSIBLE TO: Executive Management Team
ROLE SUMMARY: This is a senior management post within the Hospital’s management team. The Information Governance Manager will be responsible for developing, managing and implementing the Rotunda Hospital's General Data Protection Regulation (GDPR) compliance. In addition, the role includes acting as Freedom of Information Officer, responding to Internal Appeal applications and making submissions to the Office of the Information Commissioner. Working within the Quality and Patient Safety Department, s/he will manage the Hospital's compliance with all aspects of Information Governance.
HOURS OF WORK: 37 hours per week, Monday to Friday (excluding unpaid lunch breaks)
KEY RESPONSIBILITIES & ACCOUNTABILITIES:
- The role of the Data Protection Officer includes:
  - Leadership role in devising and implementing the Hospital’s strategy to comply with the General Data Protection Regulation
  - Overseeing the effective implementation of GDPR policy and procedure
  - Managing the Hospital’s compliance programme across all areas (public and private clinics), including undertaking audits and data impact assessments
  - Developing strong working relationships with key stakeholders both internal and external to the Hospital, including the HSE, RCSI Hospitals Group and Office of the Data Protection Commissioner
  - Providing expert advice and support to all staff across the Hospital in respect of data protection issues and co-ordinating training initiatives
  - Advising on the legal requirements of GDPR and the Data Protection Legislation
  - Overseeing any investigations arising from the Office of the Data Protection Commissioner
  - Co-ordinating and managing the delivery of Subject Access Requests in line with service user and employee rights under GDPR
  - Investigating and reporting data breaches to the Executive Management Team and to the Data Protection Commissioner's Office
  - Advising on aspects of contracts and agreements throughout the organisation
  - Membership of the Hospital’s Research Ethics Committee and other Working Groups/Committees
- Manage the Hospital’s Freedom of Information (FOI) requirements and obligations, including:
  - Overseeing the timely processing of FOI requests within the organisation
  - Reviewing and processing all Internal Appeals under FOI
  - Overseeing the processing of non-personal FOI requests and advising the Quality and Patient Safety Manager and the Executive Management Team accordingly
  - Managing investigations and appeals which are commenced by the Office of the Information Commissioner
- Represent the Hospital at regional and national forums and committees as necessary.
- To manage the Hospital’s Environmental Information Access obligations.
- To have responsibility for the management of the organisation’s historic records and act as the Requisitioning Officer for the National Archives.
- To advise the Hospital of changes in legislation and regulatory requirements and ensure policies and procedures are updated accordingly.
- To supervise/oversee the processing and release of all records within the Department.
- Provide education and training to staff on Information Governance.
- Contribute to the management and development of staff within the Department.
- Undertake other duties as appropriate to the post as assigned from time to time.
- Actively support and contribute to quality and safety initiatives in the hospital, including:
  - Infection Prevention and Control Standards
  - National Standards for Safer Better Maternity Healthcare
  - All audits deemed necessary by the Rotunda Hospital Management Team
KEY WORKING RELATIONSHIPS
Board of Governors, Master/CEO, Secretary/General Manager, Director of Midwifery/Nursing, Quality and Patient Safety Manager and Heads of Departments.
PERSON SPECIFICATION
Knowledge
- A degree or other relevant professional/academic qualification.
- Extensive knowledge of Data Protection and Freedom of Information Law.
- Experience in/understanding of the Irish Healthcare System is desirable.
Skills
- Ability to practically apply all the relevant legislation.
- Excellent leadership, interpersonal and communication skills.
- Ability to develop and maintain business relationships both internally and externally with key stakeholders.
- Solutions-based approach to work.
- High degree of integrity and initiative.
- Strong IT skills.
- High-level strategic planning and organisational skills.
Experience
- Experience at Management/Supervisory Level with at least three to five years' experience in a comparable role.
- Extensive knowledge of Data Protection and FOI Law.
- Ability to perform well under pressure with the energy, initiative and resilience necessary to deliver results.
PERFORMANCE METRICS
- Effective management of the Rotunda Hospital's compliance with legislation.
- Provision of relevant key performance indicators in relation to GDPR.
Probationary Period: The successful candidate will be appointed initially for a probationary period of 6 months. This period may be extended as required.
Hours of work: 37 hours per week
Annual Leave entitlement: 30 working days per year (January to December)
Salary Scale: As per DOH Consolidated Pay Scale
Note: These responsibilities and accountabilities are a guide only and are subject to addition, review and amendment to meet the changing needs of the Hospital.
HR Info Gov Mgr May 2018