Deputy Data Protection Officer

The Infected Blood Compensation Authority (IBCA) is a new arm's-length body established at unprecedented speed to administer compensation to people whose lives have been impacted by the infected blood scandal. IBCA will ensure timely and fair payments to those infected with HIV, Hepatitis B or C, and to their families, addressing long‑standing delays and frustration.

IBCA is looking for a Deputy DPO to support the Data Protection Officer in leading the data protection function, deputising in statutory duties and advancing a privacy‑by‑design culture across the organisation.

• Deputise for the DPO in statutory functions, providing advice and guidance to the Data Governance team and the wider organisation.
• Engage with operational teams and external stakeholders to deliver a data protection framework and support compliance with relevant legislation.
• Produce and maintain clear, user‑friendly procedures, processes, forms and guidance for IBCA’s data protection functions.
• Monitor compliance with UK GDPR and other data protection laws; develop policies, processes and procedures and manage internal data protection activities including compliance reviews.
• Advise on data security incidents, support decision making on breaches and, where required, report to the Information Commissioner’s Office (ICO).
• Participate in quality improvement activities and follow‑up actions of audit and investigation reports.
• Advise and support the completion of Data Protection Impact Assessments for new or alternative processing.
• Adopt a privacy‑by‑design and -default approach across the organisation to meet strategic and organisational objectives.
• Provide compliance support and review on behalf of the DPO regarding data protection concerns.
• Analyse data from audit controls and produce high‑quality reports.
• Develop data protection training programmes.
• Support other Data Governance leads with their responsibilities, e.g.:
  • Implementation of DG policies.
  • Effective communications on data governance matters.
  • Performance monitoring against corporate and legal targets.
  • Creation and maintenance of collaborative tools to facilitate knowledge sharing.
  • Agility to business requirements and cross‑strand collaboration.

• Seeing the Big Picture
• Changing and Improving
• Making Effective Decisions
• Communicating and Influencing
• Delivering at Pace

• Criminal record check and a security check, as outlined in the civil service security charter.
• Baseline personnel security standard checks for those working with government assets.

• UK nationals
• Nationals of the Republic of Ireland
• Nationals of Commonwealth countries with the right to work in the UK
• Nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and their family members with settled or pre‑settled status under the European Union Settlement Scheme (EUSS)
• Nationals of the EU, Switzerland, Norway, Iceland or Liechtenstein and their family members who have made a valid application for settled or pre‑settled status under the EUSS
• Individuals with limited leave to remain or indefinite leave to remain who were eligible to apply for EUSS on or before 31 December 2020
• Turkish nationals and certain family members of Turkish nationals who have accrued the right to work in the Civil Service

• Demonstrated knowledge of current UK and EU privacy and data protection legislation, such as the Data Protection Act 2018, UK GDPR and the Freedom of Information Act 2000.
• Ability to anticipate, evaluate and address potential privacy and data protection compliance requirements, and propose pragmatic solutions.
• Strong analytical and interpretative skills, able to explain complex privacy and regulatory requirements to colleagues and external stakeholders.
• Experience championing or supporting an effective privacy and data protection compliance culture.
• Excellent communication, influencing, negotiation and stakeholder management skills, with the ability to articulate requirements both verbally and in writing.
• Capability to manage a large and varied workload, make decisions under pressure, and meet challenging deadlines in a rapidly changing environment.
• Right to work in the UK, subject to a standard right‑to‑work check.

• A qualification in privacy and/or data protection.
• Security clearance at the SC level (additional checks if UK residency period is insufficient).

• Annual basic salary of £47,258.
• Contribution of £13,690 to the Civil Service Defined Benefit Pension scheme.
• Premium allowance paid monthly after probation.
• Learning and development tailored to your role.
• Flexible working options.
• Inclusive and diversity‑supporting culture.
• 28.97% employer contribution to the Civil Service Pension.
• 32.5 days of paid annual leave + 8 bank holidays.
• Enhanced maternity and paternity leave, up to 12 months shared parental leave.
• Family‑friendly policies to support everyday responsibilities.

If the role is not eligible for a skilled worker visa, IBCA will be unable to provide sponsorship. From 22 July 2025, a Skilled Worker must be in a level 6 (graduate level) role on the Regulated Qualifications Framework for England and Northern Ireland, or the equivalent level in Wales or Scotland.

Applicants must provide a CV detailing relevant responsibilities and achievements, and a statement of suitability (750 words max.). These will be assessed against the essential criteria in the person specification. Successful candidates will then progress through a sift and interview process, with a focus on behaviours and strengths.

• Sift date – WC 24th November 2025
• Interview date – WC 1st December 2025
• Interview may be face‑to‑face or by video, location will be communicated upon selection.

IBCA has a duty to make reasonable adjustments for applicants with disabilities where these adjust the selection process. Please request adjustments in line with established procedures.

If you experience accessibility problems with any attachments on this advert, please contact the email address in the "Contact point for applicants" section.

IBCA accepts applications from all qualified individuals regardless of nationality. Right‑to‑work checks will be performed in accordance with UK law. Feedback will only be provided if you attend an interview or assessment.