Data Protection Officer - AR

Role Description

To be the focal point in the Force providing advice on Data Protection, Freedom of Information, and Information Sharing matters ensuring implementation of all necessary policies, procedures and other measures in compliance with the Authorised Professional Practice (APP) for Data Protection, Freedom of Information and Information Sharing.

Main Responsibilities

1. Hold the post of Force Data Protection Officer and Force Freedom of Information Officer, with the responsibilities as set out in the Association of Chief Police Officers Data Protection and Freedom of Information Authorised Professional Practice (APP).
2. The post holder will be responsible for the final sign off of disclosures made on behalf of the Chief Constable.
3. The post holder will be the point of contact for the Information Commissioners Office. You will be responsible for managing any S55 Data Breaches and where necessary notification to the ICO. This will involve maintaining a log of all breaches, a rationale for reporting, the review of practices and liaison with specific internal departments namely Professional Standards and the Chief Officer Group to advise on how to mitigate any current or future risk. You will also need to interpret any decisions made by the ICO.
4. Providing appropriate strategic advice, assistance, guidance and compliance by interpreting relevant legislation to ensure information disclosure or compliance aspects are duly regarded at all levels and within Constabulary policies, procedures, guidance and projects.
5. Provide advice to project managers through the implementation of Privacy Impact Assessments and keeping a log of all advice given with regards to this process.
6. You will be expected to manage the Information Disclosure Team within the force. To manage staff performance using the Individual Performance Review (IPR) system, ensuring that annual and interim meetings take place and objectives are agreed and actioned.
7. Develop and provide an effective and efficient appeal mechanism as required under the provisions of the Freedom of Information Act 2000.
8. You will be responsible for the implementation and continued use of a Data Protection and Freedom of Information training package suitable for all levels of personnel within the Constabulary. ensuring all personnel are kept up to date with changes to legislation. This will include the maintenance of a training log, and escalation to line managers to ensure compliance with annual and/or mandatory training.
9. You will need to have a thorough working knowledge of the formal disclosure of information to statutory bodies and individuals in the following disciplines:
   • Freedom of Information (FOI)
   • Environmental Information Regulation (EIR)
   • Data Protection Subject Access Requests (DP SAR)
   • Data Protection Section 35 (2) - Civil legal proceedings.
   • Disclosures to governing bodies / employers (CLPD and 'pull' requests)
   • Insurance Memoranda of Understanding.
   • Children and Family Court Advisory and Support Service (CAFCASS)
   • Criminal Injuries Compensation Authority (CICA)
   • Information Sharing Agreements.
10. Ensure that all disclosures made meet the legal obligations whilst applying best practice to protect information throughout the organisation. Implement regular reviews ensuring that these requests are dealt with in line with the service level agreements and carried out in accordance with legislation/national guidance.
11. You need to be able to research nominals, analyse and evaluate all information, particularly crimes, intelligence, storm together with other relevant information from local force systems. Where appropriate, interrogate national databases to gather evidence for the collation and preparation of relevant documentation.
12. To maintain a good working knowledge of all relevant DP and FoI legislative guidance, policies and procedures and advising on implications of related developments external to the Force at local, regional and national level e.g. legislative changes and decisions from the Information Commissioner.
13. To create Data Processing Agreements with outside contractors and liaise with the Force Vetting Officer to ensure that contractors associated to the agreement are vetted to the appropriate level.
14. To develop and maintain relationships and partnerships with other Forces and outside agencies whilst ensuring representation of the Constabulary at regional and national level as appropriate.

Reports To

Head of Governance and Compliance

Additional Information

Vetting Level: The role must be vetted to a minimum of Management Vetting (MV & SC).

Mobility: The Force reserves the right to request you to carry out any other duties or move you to any other post appropriate to your grade, at any location within the county of Gloucestershire, as business requirements dictate.

Working Pattern: Normal working hours will average 37 per week or will be pro rata. This will be worked subject to the needs of the service and may involve shift, night, weekend and public holiday working.

Standards of Professional Behaviour: All members of Police Staff / Police Officers must comply with these standards.

Travel: The post holder will be required to travel to attend regional and national meetings.

Training and development: The postholder will be required to maintain professional knowledge and attend any other courses appropriate to the grade of the role.

Experience and Qualifications Minimum criteria for role:

• Hold a professional Data Protection and/or FOI qualification
• Proven substantial Data Protection / FOI experience, particularly around decision making
• Experience of managing a team
• Experience of working in a confidential environment and able to demonstrate a high level of personal integrity
• Good verbal and written communication skills (as the role requires the postholder to present at meetings and complete reports both internally and externally)
• Able to demonstrate accuracy to detail

Desirable:

• Previous experience of working within a policing environment would be desirable.