Data Protection Officer

Location: Holborn, Central London (remote working during COVID- 19 lockdown)

Salary: £42k – £48k per annum pro rata (depending on experience) plus benefits

Type of contract: Permanent

Hours: Part- time (0.6 FTE, 22.5 hours per week)

Contract start: ASAP

The Intensive Care National Audit & Research Centre (ICNARC) is a small, independent, nationally and internationally respected, scientific, not-for-profit organisation (c40 staff in total), using accurate data to help improve the quality of critical care through audit, research and education, conducted with, and in the interests of, patients and those who care for them. Most recently, ICNARC has been centrally involved in the response to COVID-19 through weekly reporting on admissions to, and outcomes from, intensive care and as the UK methods centre for the CMO endorsed REMAP-CAP trial which is currently recruiting in 120 centres in the UK.

About the role

This is a brand-new role, ideal for someone who enjoys utilising their experience, knowledge and skills to make a significant impact across our data processing and analysis activities. The successful candidate will be a well-organised individual who possesses strong technical skills, with the ability to handle confidential information, asses risk and find solutions.  Ability to work constructively with senior and junior colleagues to develop understanding and embed strong information governance practices, through-out the organisation, will be key.

What you’ll be doing

We are looking for a Data Protection Officer to ensure our organisation is compliant with the General Data Protection Regulation (GDPR) and the NHS Data Security & Protection Toolkit.

You will facilitate GDPR compliance through transparent data protection policies, systems and procedures.

The ideal candidate will have demonstrable experience of:

  • Leading on activities related to Data Protection Regulations
  • Creating and regularly reviewing data-related policies and standards to ensure effective implementation of Information Governance practices
  • Identifying, reviewing and evaluating existing data management procedures and implementing new procedures within organisation to embed adherence to GDPR standards
  • Providing advice and instructions, to team members, on how to conduct Data Protection Impact Assessments (DPIAs) and embedding best practice across all teams
  • Providing day to day privacy advice and acting as a single point of contact for privacy issues
  • Managing any data privacy breaches, working to identify root causes, mitigate risks and prevent reoccurrence
  • Ensuring that organisation address all queries from data subjects within legal timeframes
  • Building and managing relationships with internal and external stakeholders, including data regulators and auditors
  • Delivering GDPR and any other relevant data protection training to staff to increase awareness of data protection measures
  • Liaising with other organisations that process data on organisation’s behalf
  • Managing DPO inbox, responding to, and managing, data subject rights requests.

What you’ll need to succeed

In order to succeed, it is essential that you have experience of working in a similar role and have in depth knowledge of the GDPR and UK data protection laws. You will also have knowledge of data processing operations and familiarity with computer security systems. Experience of the health sector, and the nature of its data processing activities is desirable but not essential.

What you’ll get in return

In return you will receive an annual salary of £42k – £48k per annum (pro rata) working for a well-established, scientific organisation in the centre of London. You will also receive a generous benefits package including:

  • 25 days holiday (pro rata) per year and the opportunity to buy and sell annual leave;
  • flexible working which is fully embedded in our culture;
  • interest-free season ticket loans;
  • support with further academic/professional development; and
  • an enhanced pension contribution after your first year of employment.

Download Job description and Person Specification here – Data Protection Officer JD (PDF)

How to apply

Please read the job description for the role. The person specification sets out the skills and experience we are looking for.

To apply for the role, please email your CV, cover letter (addressing how you meet the role requirements) and Equal Opportunities Monitoring Form to

Closing date: Friday 19th June at noon

 “We are committed to equality of opportunity for all staff and applications from individuals are encouraged regardless of age, disability, sex, gender reassignment, sexual orientation, pregnancy and maternity, race, religion or belief and marriage and civil partnerships.”