As the next phase in the expansion of the Performance & Data team at the Planning Inspectorate, the Data Protection Lead role is a vital requirement to ensure that the organisation meets its regulatory obligations. The DPLO will liaise with the relevant DPO relating to Data Protection compliance and provide assurance to senior management / departmental business areas to monitor data risks / compliance activities
Planning Inspectorate (PINS)
As the next phase in the expansion of the Performance & Data team at the Planning Inspectorate in Bristol, the Data Protection Lead role is a vital requirement to ensure that the Planning Inspectorate meets it regulatory obligations. The DPLO will liaise with the relevant Data Protection Officer relating to Data Protection (DP) compliance within PINs and support and provide assurance to senior management and departmental business areas; ensure appropriate policies, roles and practices and evidence keeping in place to ensure effective monitoring of personal data risks and compliance activities.
Data Protection Lead Responsibilities:
- Act as the main liaison with the relevant Data Protection Officer on data protection matters which could include liaison with the data protection regulator as required.
- Provide Advice & assistance to Executive team, Business areas on legislation & compliance (including support to Commercial on appropriate T&Cs in business contracts/MOUS and data sharing agreements)
- Provide business advice and input into business projects with personal data implications. In particular, advice and guidance regarding the identification and completion of Data Protection Impact Assessments (DPIAs). DPLO will undertake the due diligence of DPIAs and once completed will forward for sign off to the relevant DPO.
- Deliver the data protection needs of the organisation by developing and delivering mandatory 'data protection' training for staff. Liaising with L&D to collate MI evidence that mandatory training has been completed by all staff.
- Provide future training needs for other bespoke areas of the business as identified e.g. Inspectors, HR
- Act as owner of Data Protection Policy/Frameworks; responsible for ensuring the continual review, maintenance and updating of all DP policies /Frameworks.
- Maintain and update the Data & Performance Risk Register and support business areas in their identification of personal data risks.
- Act as owner of Business areas Records of Processing and supporting documentation as required under Article 30 GDPR (accountability principle).
- Review business area retention policies, data sharing agreements, privacy notices, appropriate policy statements to ensure compliance.
- Assist and audit business area compliance with GDPR responsibilities.
- Maintain process for reporting, recording, investigating personal data breaches, providing recommendations regarding the reporting of breaches and reporting to relevant Data Protection Officer and working with business area roles to identify and learn lessons to reduce likelihood of re-occurrence. Provide relevant MI to Executive team /relevant Boards.
- Provide GDPR assistance to Brexit project as per MHCLGDCMS instructions
- Represent Data Protection interests at ISMF and provide input on information risks to other committees as required.
- Actively manage performance, attendance and conduct in your team in line with PINS people policies.
- Demonstrate the importance of continuous improvement. Foster a team environment where members are supported and developed to enable the team to fulfil their potential
- Champion inclusivity and wellbeing and encourage the views of all.
- Deal with conflict and issues within the team quickly and sensitively.
- Data Protection qualification e.g. ISEB in Data Protection
- Significant experience in privacy and security risk assessment and best practice mitigation.
- Significant hands-on experience in privacy assessments privacy certifications/seals, and information security standards certifications.
- Significant knowledge or GDPR and Data Protection Act 2018 and other privacy legislations.
- Ability to remain impartial and report all non-compliances.
- Worked and reported to senior management level.
- Has training delivery experience.
Opportunity to be part of a newly formed function
Opportunity to directly influence Data Strategy
Contact Name: James Hobson
Job ID: 2807345