Job Summary
Are you an experienced Data Protection professional? Do you want to use your expertise to make a positive, meaningful difference? St Margaret's Hospice Care has a fantastic opportunity for a Data Protection Officer to join our Governance team.
- Salary: £22,500 to £24,909 per annum (equivalent to a full-time salary of £37,000 - £40,963)
- Location: Taunton
- Contract: Permanent
- Working pattern: 22.5 hours a week, Monday and Tuesday, with a choice of Wednesday to Friday
- Hybrid working: Option to work from home 1 day a week.
This role has become available due to an upcoming retirement in March, allowing for a transition period when you first join.
Why Join St Margaret's Hospice?
- We take great pride in our strong culture of data protection compliance, which is deeply ingrained in everything we do at the Hospice.
- Have a meaningful impact by influencing and shaping the services we offer.
- Make a difference by joining a respected local charity with an outstanding reputation.
Main Duties of the Job
By building relationships and tailoring your approach, you will empower teams to integrate data protection into their everyday practices.
As our statutory Data Protection Officer, you will be the subject matter expert on all things relating to personal data and information governance.
As such, you will work with a wide range of diverse teams, from retail to fundraising to clinical, each with their own unique needs.
Role-modelling best practice, you will engage proactively with colleagues to promote a culture of accountability, transparency and compliance with data protection regulation.
Job Responsibilities
- Remain up to date with relevant legislation and maintain expert knowledge of UK GDPR, Data Protection Act and associated guidance, advising the Executive Team, Board, data controllers, data processors, staff and volunteers of their obligations
- Act as the main point of contact for internal and external stakeholders (including staff, volunteers, data subjects, regulators and third parties) on data protection issues
- Design, implement and evaluate internal control and assurance systems to monitor compliance with data protection legislation; plan and deliver compliance audits, assess risks and assign responsibilities to address areas of non-compliance or partial compliance
- Conduct or oversee investigations into data breaches and near-misses, ensure appropriate notification and reporting to the ICO, ensure actions and learning are implemented
- Embed a culture of data protection and information governance compliance; develop and deliver training, induction and education
- Draft, develop and review data protection policies, procedures, protocols and guidance to reflect current legislation and organisational need in consultation with key stakeholders
- Coordinate and process subject requests and requests under the Access to Health Records Act, ensure timely and lawful responses
- Ensure an effective system for completion and review of Data Protection Impact Assessments (DPIAs), provide expert advice where required and advise on high‑risk processing
- Maintain accurate and comprehensive records of processing activities, prepare formal quarterly reports and annual returns
- Provide expert review of contracts, service level agreements and data sharing agreements to ensure data protection safeguards are included and implemented
- Chair the Data Protection Group, contribute to relevant governance and risk meetings and provide briefings to the Executive Team and Board
- Work collaboratively with teams to ensure an integrated approach to information governance and organisational assurance
- Contribute to the development and delivery of quality and risk management, provide team cover for governance-related tasks, such as incident reporting and general advice
- Horizon‑scan for emerging risks, regulatory changes and new technologies which may impact data protection, assess implications and make recommendations
About Us
You won't just be joining a fantastic team. You'll be part of a welcoming, community minded charity.
Our mission is to provide excellent specialist palliative care for patients and support to their families. If you speak to any of our staff or volunteers, they will tell you how the patient is at the heart of everything they do.
If you're looking for a role where you can really make a difference, working as part of a supportive team, we could be a perfect match.
Holiday Entitlement
- 33 days holiday including bank holidays rising to 35 days after 1 year, and increasing with length of service (pro‑rata if part‑time)
- Ability to buy and sell annual leave
Pension Scheme
- NHS employees eligible to continue with their NHS pension scheme*
- Non‑NHS employees will receive 5.5% employer and 5% employee contribution.
Award‑Winning Employee Assistance Programme
- Vitality & wellbeing health portal for non‑emergency care
- Unlimited access to 24/7 online GP Consultations as well as Expert Case Management
- Confidential and free 24‑hour Employee Assistance
- Counselling and support
- Legal, financial, and medical information and advice
And More
- Life assurance cover 2x salary
- Health Cash Plans
- Blue Light Discount Card
- Enhanced maternity leave*
- Excellent learning and development opportunities
- Free on‑site parking in Yeovil and Taunton
- Volunteering and fundraising opportunities
Person Specification
Education and Qualifications (Essential)
- Maintain expert knowledge of data protection and related legislation
- Proficient in Microsoft Office Suite or related writing and presentation software
Desirable
- Recognised data protection qualification or desire to work towards a qualification
- Pursue continuous professional development
Self Awareness (Essential)
- Handle confidential information with discretion and sound ethical judgement
- Balance legal duties with organisational needs in a practical and proportionate approach
Desirable (Self Awareness)
- Manage pressure and sensitive situations with resilience and composure.
Working with Others (Essential)
- Communicate complex legal and technical concepts clearly and persuasively in an understandable manner
- Influence and negotiate effectively with tact and sensitivity.
- Work independently and as part of a team to embed a culture of governance and data protection compliance.
Desirable (Working with Others)
- Build trusting relationships internally and externally, demonstrate active listening skills and challenge appropriately
Outcome and Results (Essential)
- Chair effective meetings to ensure engagement with attendees
- Excellent verbal and written communication skills, demonstrating consistent accuracy and attention to detail
- Strong organisational and time management skills
Leading in Your Area (Essential)
- Minimum of three years' experience working in data protection compliance or a related field, embedding data protection culture
- Expertise in data protection laws and practices
- Champions integration of data protection
Desirable (Leading in Your Area)
- Work with team members and wider team to progress the business and governance strategy
- Experience within a legal, audit and/or risk function
Disclosure and Barring Service Check
This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.
Employer Details
St Margaret's Somerset Hospice
Heron Drive, Bishops Hull, Taunton, Somerset, TA1 5HA