Skip to content
Three photos showing a man and woman taking part in a craft session, a group of teenagers in canoes and a group of teenagers smiling at the camera.

Jobs and careers with Keys Group

Our vacancies

Search Jobs

Data Protection Officer

Please Note: The application deadline for this job has now passed.

Package Description

 

Organisational Relationship: Reports to Group Legal Counsel.

Location: Hybrid working and some travel will be required to deliver training.

Hours: Up of to 30 hours per week

Compensation: £35,000 to £40,000 p.a depending on level of experience.

About Keys Group: Keys Group is one of the UK’s leading providers of specialist education, care and activities. The organisation supports more than 2,000 children, young people, adults and families in services and schools across England and Wales and is regulated by Ofsted, CQC and CIW.

General Summary: Keys Group is looking to recruit an experienced Data Protection Officer (DPO) to meet its obligations under the UK GDPR. Reporting to the Group Legal Counsel, the statutory DPO will monitor compliance and data practices internally to ensure the business and its functions comply with the applicable requirements under the UK GDPR and other relevant legislation. The DPO will be responsible for advising on, and where required carrying out, staff training, data protection impact assessments and internal audits. The DPO will also serve as the primary contact for the Information Commissioner and individuals whose data is processed by the organisation.

Essential Duties and Responsibilities: In this role, you will work closely with the Legal function to develop and monitor policies and standards applicable to the business and in compliance with the UK GDPR and other relevant legislation. Duties will include:

Implementing measures and a privacy governance framework to manage data use in compliance with the UK GDPR and other relevant legislation, including developing templates for data collection, advising on and assisting with data mapping and records of data processing, and vendor management reviews.

Working with key internal stakeholders in the review of operations and projects and related data processing to ensure compliance with data privacy laws, and where necessary, advising on and monitoring data protection privacy impact assessments.

Serving as the primary point of contact and liaison for the Information Commissioner on all data protection related matters under the UK GDPR and other relevant legislation.

Serving as the primary point of contact for data protection queries in the business.

Reviewing contracts and other third-party data processing and data sharing arrangements.

Ensuring filing and fee requirements with the Information Commissioner are achieved. 

Participating in the Keys Group Governance Committee.

Managing and conducting ongoing reviews of Key Group’s privacy governance framework and regular and ad hoc reporting on data privacy compliance within the organisation.

Advising on the UK GDPR implications on M&A activity.

Preparing and submitting the annual NHS Data Security and Protection Toolkit.

Monitoring changes to relevant privacy laws and making recommendations.

Setting standards and reviewing policies and procedures that meet the requirements under the UK GDPR.

Developing and delivering privacy training to various business functions to raise employee awareness of data privacy and security issues.

Coordinating, conducting and monitoring data privacy audits.

Responding to and advising on data subject rights requests, including data subject access requests (DSARs) and other requests from individuals.

Ensuring that Keys Group’s IT, digital systems and archiving procedures comply with all relevant data privacy and protection law, regulation and policy (including in relation to the retention and destruction of data).

Position Specifications

Education

Law degree or post-graduate legal qualification required; or

Hold at least one data protection and/or privacy certification, such as CIPP, CIPT, CIPM, ISEB.

Work Experience

5 years data privacy experience required. 

Experience in UK data privacy laws.

Experience in developing policy and compliance training.

Experience working in a regulated industry and in particular healthcare and/or social care is preferable but not necessary.

Knowledge, Skills and Abilities

Strong knowledge of UK and European data privacy and data protection regulation.

Ability to work unsupervised.

Sufficient knowledge of information technology and data management systems required.

Excellent writing and presentation skills.

Ability to undertake large, long-term projects, develop alternative methods to complete them and implement solutions.

Detail-oriented approach needed to recommend and implement strategic improvements on a range of data privacy and data protection issues.

Ability to handle confidential and sensitive information with the appropriate discretion.

Additional Requirements

The statements contained in this role specification are not necessarily all-inclusive; additional duties may be assigned and requirements may vary from time to time.

 

KGC

Keys Group

Salary £35,000 - £40,000 Pro Rata
Job Reference Keysgroup/TP/103157/4437
Contract Type Part Time
Closing Date 04 June, 2024
Job Category Administrative
Business Unit Support Centre
Location Birmingham, United Kingdom
Posted on 18 March, 2024

Spread the word

This website is using cookies to improve your browsing experience. Tracking cookies are enabled but these do not collect personal or sensitive data. If you prefer for this not to be collected, please choose to turn cookies off below. Read more about cookies.