Data Protection and Information Governance Manager

Go back University Hospitals Bristol and Weston NHS Foundation Trust (UHBW)

Closing date is 31 December 2025

The postholder will be a subject matter expert and have in-depth specialised knowledge and experience in information governance and data protection.

In their client-facing role they will:

• Support clients, individually, at place and at system level, to ensure that they meet highly complex legal and regulatory obligations in relation to Information Governance including confidentiality, information security, Data Protection, Freedom of Information and GDPR.
• Act as Data Protection Officer to a range of clients to whom this service is provided.
• Act as a trusted advisor and subject matter expert on data protection and information governance to cross community programmes.

The postholder will also have an internal role to support the Associate Director of Digital Audit and Assurance Services and wider ASW Assurance Senior Management Team (SMT) to develop and maintain a robust information governance framework and guide and train staff to ensure ASW Assurance maintains data protection and privacy standards.

The postholder will manage the delivery of mandated annual Data Security and Protection Toolkit to all ASW Assurance clients, and seek to grow this offering through networking and marketing the ASW IG and DP service offerings.

General:

Have a strong technical understanding on all relevant data protection and information governance guidance, regulation, and legislation.

Maintain a high level of recognised subject matter expertise in information governance issues through research, liaison with information governance colleagues in other NHS, public and third sector organisations, and membership of national information governance groups.

Client facing:

Provide expert data protection and information governance legislation and regulation support to clients through knowledge and practical subject matter expertise to define, scope and deliver ASW services based on highly complex client needs and technical digital programmes.

Support clients in understanding best practice through horizon scanning, interpretation, and communication of complex legislation and regulation.

Lead the delivery of annual DSPT audits.

Internal:

Ensure that ASW meets its highly complex legal and regulatory obligations in relation to information governance including confidentiality, information security, Data Protection, Freedom of Information, GDPR and Registration Authority requirements.

Staff supervision, training and development.

Provide expert insight into, agreeing, monitoring, and reviewing data sharing or data processing agreements/contracts governing processing of patient-identifiable information.

University Hospitals Bristol and Weston NHS Foundation Trust (UHBW) is one of the largest acute Trusts in the country, bringing together a combined workforce of over 13,000 staff and over 100 different clinical services across 10 different sites, serving a core population of more than 500,000 people across South West England. UHBW has been rated by the CQC as 'Good' overall and our staff are proud to deliver excellent care to the people of Bristol, Weston and beyond. As a forward-thinking multi-award winning Trust and a digital exemplar committed to improving patient care, our world-leading research and innovations are having a positive local and global impact. Our hospitals are spread across Bristol and Weston, join us and you can enjoy the very best of both worlds; city living within a stone's throw of the countryside or beside the seaside, both with easy access to all that the South West has to offer. UHBW is committed to safeguarding and promoting the welfare of children, young people and vulnerable adults. As an equal opportunities employer actively working towards a diverse workforce we aim to recruit and retain a workforce which represents the rich diversity of the local population at all levels and are committed to designing our services around the needs of individual patients and those around them. Anonymous information will be used from your application in order to ensure we're meeting our pledge.

• Possess or actively working towards specialised digital/IG professional qualification e.g. CIPP/E or CIPM
• In depth specialist knowledge of data protection and information governance acquired through degree or equivalent level plus knowledge.

• In-depth knowledge and understanding of data protection legislation, including the Caldicott Principles, UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and the Privacy and Electronic Communications Regulations (PECR), with the ability to ensure organisational compliance and advise on legal obligations.
• Must have a full and mature understanding of NHS and public sector structures, policy, functions, digital and information systems together with the aptitude to build on that knowledge.

• Expert experience of digital audit, or experience in digital delivery and/or management at a senior level.
• Experience managing IG audits or compliance inspections (e.g. ICO reviews), including conduct IG audits.
• Experience of supervising, training and coaching staff.
• Experience of preparing reports for Boards and Committees to a high standard.

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.

University Hospitals Bristol and Weston NHS Foundation Trust (UHBW)