The Senior Information Compliance Officer (SICO) supports the Information Compliance team in maintaining the university’s operational compliance with information law, such as the Freedom of Information Act (2000) and the UK GDPR and Data Protection Act (2018). The SICO role is a stimulating post which provides the post-holder with the opportunity to develop their experience in multiple key areas at a high-profile, global institution.
The post provides essential support for the Information Compliance Manager and the Assistant Director of Business Assurance (Information Compliance) through co-ordinating the university’s responses to statutory information requests ensuring the university’s compliance with a range of legislation, including the Data Protection Act 2018 (DPA), the UK General Data Protection Regulation (GDPR) and the Freedom of Information Act 2000 (FOIA). The SICO post manages the front-line information compliance enquiry service, by supplying timely, accurate and well-researched replies to incoming enquiries on routine and complex compliance issues involving DPA, GDPR, FOIA and related legislation.
The SICO post supports the tasks and responsibilities of the Information Compliance team as required including university-wide data protection and data governance activities.
18 Months Fixed Term Contract
This is a full-time post
• Co-ordinate the university’s responses to statutory information requests under the DPA, GDPR and FOIA by collating information and preparing responses within legal deadlines, ensuring that responses comply with legal requirements, university policies and good practice.
• Determine the appropriate strategy for responding to DPA, GDPR and FOIA requests, including the application of exemptions and exceptions.
• Review responses to requests for information and ensure that senior managers and relevant colleagues are consulted as required.
• Research and interpret legislation, case law, regulatory guidance and other relevant sources when preparing responses to requests and enquiries.
• Ensure that all actions and advice in dealing with requests and enquiries are fully recorded and documented.
• Undertake research and produce reports and statistical analysis as required by the Information Compliance Manager and Assistant Director of Business Assurance (Information Compliance).
• Support the Information Compliance Manager in project and audit work across the university.
• Provide an advisory service to university staff at all levels on information compliance issues and queries and to advise individuals requesting information under the DPA, FOIA and EIRs of the university’s procedures, the available information, and relevant issues.
• Log and assess reported data breaches in a timely manner, escalating serious breaches as appropriate.
• Review and advise colleagues on Data Protection Impact Assessments.
• Advise colleagues on the use of data protection clauses in contracts and data sharing agreements.
• Prioritise and plan workloads effectively to balance request processing and other duties, ensuring that requests are answered within statutory deadlines. Manage a heavy and diverse caseload, progressing multiple cases in tandem.
• Deliver regular training on information compliance issues under the direction of the Information Compliance Manager.
• Develop and maintain a network of departmental contacts on information compliance issues, and host and service meetings as required.
• Contribute to the development of compliance tools, resources, and guidance.
• Maintain web pages on compliance issues, including the university’s Freedom of Information Publication Scheme and Disclosure Log; monitor the university’s compliance with the Publication Scheme and provide advice to other parts of the university on Publication Scheme requirements.
• Monitor the university’s news highlights web pages and announcements for details of studies and reports published in the public domain which may attract enquiries.
• Work collaboratively and effectively with colleagues in other areas of the university on cross-cutting issues concerning information compliance and data governance.
• Deputise for the Information Compliance Manager as required from time to time.
• Assist the Information Compliance Manager in supporting the development and training of the Information Compliance Officer.
• Effectively maintain electronic and paper-based records for the Information Compliance Team.
• Ensure confidentiality at all times.
The above list of responsibilities may not be exhaustive, and the post holder will be required to undertake such tasks and responsibilities as may reasonably be expected within the scope and grading of the post.
Skills, knowledge, and experience
1. Excellent knowledge of information access and privacy legislation and regulation; ensuring the confident provision of clear and accurate advice on the Freedom of Information Act (2000), the UK General Data Protection Regulation (GDPR) the Data Protection Act (2018)
2. Ability to write and communicate clearly, concisely, and professionally with an excellent standard of written and grammatical English
3. Excellent desktop IT skills
4. Excellent research and analytical skills: ability to locate information from a range of sources, absorb and analyse complex information quickly, producing reports and statistics
5. Ability to prepare correspondence and respond to enquiries and requests for information clearly, accurately, and professionally
6. Excellent planning and organisational skills
7. Experience of handling requests and enquiries on FOIA, DPA and GDPR in a similar role
8. Experience of dealing with challenging situations and behaviour sensitively and tactfully
9. Ability to progress multiple tasks to meet deadlines under pressure
10. Good negotiating skills
11. Methodical and highly organised approach to work
12. Flexible approach, willingness to take on new tasks and responsibilities
1. Good first degree or equivalent
2. Relevant qualification in information management or information compliance
3. Ability to prepare and deliver effective training on complex issues
4. Experience of creating and maintaining web content
5. Experience of working in higher education