Information Governance Specialist

We are looking for a skilled and motivated Information Governance Specialist to join our team and play a key role in safeguarding patient data, ensuring regulatory compliance, and driving best practice across information governance, cybersecurity, and clinical safety. You will work closely with clinical and technical teams, helping shape policy, deliver training, and respond to complex data protection challenges. This is a full-time permanent position working remotely, with an expectation to travel to InHealth sites as required.

In this role, you will:

• Lead Information Governance initiatives – Develop and maintain IG policies, deliver training for key IG roles, and provide expert advice on complex information governance queries.
• Support data protection compliance – Manage Data Subject Access Requests, oversee DPIAs, Privacy Notices, and Information Sharing Agreements, and lead IG-related incident reporting and resolution.
• Strengthen Cyber Security resilience – Create cyber playbooks, support ISO 27001 alignment, analyse incidents, and deliver tailored cyber threat training across the business, including at board level.
• Enhance Digital Clinical Safety – Deliver training on DCB standards, publish clinical safety guidance, and support root cause analysis of safety incidents.
• Promote Quality Management – Conduct internal audits, contribute to QMS documentation, and support process owners with implementing improvements in line with ISO 9001 standards.

InHealth is the UKs largest specialist provider of diagnostic and healthcare solutions. Our aim is to make healthcare better for patients by working collaboratively with the NHS to deliver a range of high-quality tests, scans, assessments and procedures. In the last year, we have supported more than 5 million people in their healthcare journeys, the majority of these are NHS patients and service users.

As a people-focused organisation, our teams are integral in how we deliver our services and our values of Trust, Passion, Care and Fresh Thinking underpin everything we do, influencing the way we interact with patients, customers, and colleagues.

Our mission is to provide high-quality services within local communities to over 7 million patients by 2030. We are committed to ensuring that patients receive a positive experience, maintaining a 97% patient satisfaction rate.

You are an experienced Information Governance professional with a proven track record of translating regulatory requirements into practical solutions. You will have:

• Postgraduate qualification in a relevant field (e.g., Law, Corporate Governance, Data Protection).
• A current Data Protection or Information Governance qualification (e.g., CIPP/E, BCS Practitioner Certificate, Level 4 Data Protection and IG Practitioner).

Essential skills and experience:

• In-depth knowledge of data protection laws, cybersecurity frameworks, DCB safety standards, and ISO 9001.
• Experience handling incidents and conducting root cause analysis across clinical and technical environments.
• Strong communication skills with the ability to engage, mentor, and influence stakeholders.
• A calm, analytical approach, able to respond quickly to time-sensitive issues.
• Passion for patient safety, data protection, and organisational excellence.
• Membership of a professional body such as The Chartered Governance Institute UK & Ireland.
• Knowledge of NHS systems and data flows.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.