Trac proudly powers the recruitment for

Kettering General Hospital NHS Foundation Trust

About

Kettering General Hospital is a medium-sized district general hospital which provides a wide range of services to about 300,000 people in North Northamptonshire.

The hospital has served its local community since 1897. It became an NHS Trust in 1994 and a Foundation Trust in November 2008.

The Trust's goal is to provide the highest standards of care for all of its patients and to fully support carers and visitors.

It has developed many state-of-the-art facilities run by highly qualified staff including:

An £18m short-stay surgery Centre – The Treatment Centre – which enables the majority of operations to be done with stays of less than 48 hours
A £4.7m Cardiac Centre providing heart-related treatments closer to people’s homes

The Trust also has:

600 inpatient and day case beds
A modern A&E department
A large maternity wing
17 operating theatres
An intensive care unit
Skin care centre – the Jubilee Wing
Cancer care wing – the Centenary Wing
Special care baby unit
Excellent diagnostic facilities e.g. CT and MRI scanners.

The Trust employs more than 3,200 staff and considers them its greatest asset.

As well as services based at the main Kettering site the Trust also runs a wide range of outpatient clinics in Corby, Wellingborough and Irthlingborough.

Contact

Address: Rothwell Road; Kettering; Northamptonshire; NN16 8UZ
Contact Number: 01536 492000

Find out more

Jobs Website

Open

Ref: 264-7707683-COR Vacancy ID: 7707683

Data Security and Protection Team Leader

Accepting applications until: 24-Feb-2026 23:59

Vacancy status: Open

Accepting applications until: 24-Feb-2026 23:59

Location

Site: Kettering General Hospital
Address: Rothwell Road
Town: Kettering
Postcode: NN16 8UZ
Major / Minor Region: Northamptonshire

Contract type & working pattern

Contract: Permanent
Hours: Full time - 37.5 hours per week

Salary

Salary: £38,682 - £46,580 per annum
Salary period: Yearly
Grade: (Band 6)

Specialty

Main area: Data Security and Protection, Information Governance

Detailed job description and main responsibilities

The post holder will be the Data Security & Protection Team Leader. In particular, the post holder will:

act as the expert source of advice and expertise in DSP for the Group;

support the development for clinical administration functions within the organisation – identifying information governance risks and issues and providing recommendations for change

increase the profile of Data Security and Protection within the organisation and actively support a “culture change” so that staff are aware of their responsibilities and duties towards confidentiality, integrity and availability of information;

ensure processes are in place for monitoring the secure disposal of IT and hardware assets;

initiate and plan a programme of work that ensures the Group complies with the requirements of the Data Security & Protection Toolkit;

completion of the annual Data Security & Protection Toolkit submission and the collation of supporting evidence which is analysed and updated to ensure compliance;

lead a range of audits which will check compliance with the DSP toolkit, research and development and incident management activities, developing improved systems and processes for data quality, data security and protection, data integrity and availability.

work in partnership with the Groups Cyber Security Lead to ensure that all Cyber related toolkit assertions are met within the NHSD deadline and any gaps in assurance are identified with a plan in place for compliance

implement and maintain compliance with relevant legislation, particularly the common law duty of confidentiality, the Data Protection Act 2018, the General Data Protection Regulation, the Computer Misuse Act 1990, the Human Rights Act 1998;

investigate and resolve information security issues and processes for systems which are process personal and/or trust sensitive data.

Implement the DSP training strategy for the delivery of the Trust’s IG training needs, ensuring that the Group meets the NHSD target for mandatory training, working in partnership with the Trust’s Learning & Development service

Deliver information governance training if and when necessary

Implement policies and propose changes to Group DSP policies as appropriate, conducting monitoring compliance with those policies and protocols and ensuring they are compliant with Data Protection Act and GDPR legislation

conduct data protection impact assessments (DPIA) where necessary and ensure the Group adheres to the data privacy by design and default as set out in Article 25 GDPR

act as the UHN information security expert to ensure any identified risks are communicated to the Head of Technology and Head of Clinical Systems to enable new systems to be implemented safely

assign DPIAs to relevant team members and ensure cross partnership working with relevant project and transformation leads

ensure that all Group DPIAs, Assets, Flows and third parties are appropriately recorded on the Information Sharing Gateway and signed off by the relevant DPO and SIROs

Be an escalation point for the DSP analysts to ensure DPIAs are in line with GDPR legislation, redesigning systems, processes and procedures to meet the Data Security by Design and Default criteria

communicate complex information to a range of audiences and be able to influence and persuade staff of the importance of excellent DSP standards

Lead the collation of relevant reports and information for compliance and performance reporting, inspections and internal assurance ensuring presentations articulate statistical, analytical and complex reporting to Group and Board mandated meetings

Coordinate the Data Governance Group and Information Governance Group meetings, ensuring relevant reports, minutes actions and decisions are recorded, delegating tasks to the DSP administrator as appropriate

Attend group, Trust and project meetings to provide expert Data Security and Protection advice and guidance to enable the effective adoption of expectations and policy

Coordinate reported incidents on Datix to ensure they are appropriately managed and actions are taken

Escalate incidents to the relevant DPO when they meet the criteria for a Serious Incident / reportable to the ICO

Manage the DSP Toolkit Incident reporting mechanism, ensuring all Serious Incident’s are reported with 72 hours

Provide IG input, advice, guidance for Research & Development programmes

Deputise for the DSP Manager when required

Ensure that the Information Sharing Gateway is administered as appropriate in respect of maintaining significant assurance status across the group, being the lead and expert for use of the ISG, proposing recommendations for improvements to the national system for process, analytics and reporting.

coordinate the effective investigation of any and all IG related incidents, working with the relevant manager in whose service the incident occurred, where necessary, to ensure appropriate action has been taken in relation to the incident;

To speak to staff, patients and family members on the telephone as an escalation point for the DSP analyst, demonstrating understanding, compassion and knowledge in difficult, challenging and emotional circumstances.

attend serious investigation panels and draft reports to the CCG which give assurance that due diligence has been carried out regarding all serious incidents

ensure that a root cause analysis is performed on all serious incidents with relevant actions recorded, and acted upon to ensure such incidents do not re-occur

work with the complaints team and directly with members of the public to communicate appropriately regarding any DSP grievances and queries

maintain the Group Information Asset register and data flow maps and, also, where appropriate, provide training to Information Asset Owners and Administrators

be a first point of contact for Data Subjects with regard to all issues related to processing of their personal data and to the exercise of their rights under the UK GDPR

to maintain their specialist knowledge in Data Protection Law and UK GDPR
update the Internet and Intranet pages for DSP as appropriate, ensuring it is up to date with pertinent advice and guidance, including applicable FAQs and relevant legislation

Workforce

The Data Security & Protection Team Leader will have line management responsibility for the DSP Team, ensuring that all staff have annual performance reviews, objectives and appraisals in line with the Group objectives, ensuring they have the equipment necessary to fulfil their roles and the HR management tools are managed effectively. They will be an active role in recruitment, induction and local training.

Ensure an adequate skill mix and that the office is appropriately managed

To provide specialised training, advice and guidance to DSP Team members as and when required

To manage the team in ensuring all members adhere to Trust Values and lead by example

To lead DSP Team recruitment;

To ensure the e-rostering system is signed off on a weekly basis

To carry out appraisals, team performance management and disciplinary processes

To be the lead contact for HR queries relating to the team

Important Information

Applications will be transferred to TRAC system, by completing an application your are giving authorisation for the transfer of your data.

Correspondence regarding your application will be sent to you via a TRAC system account.

We are an equal opportunities employer, which aims to employ a workforce that reflects the diverse communities we serve. We welcome applications from all suitably qualified persons from all backgrounds.

We welcome applications from members of our black and minority ethnic (BME) communities, especially in relation to senior posts within at KGH.

Applicants who have a disability and meet the essential criteria for the job will be interviewed if you indicate you wish to be considered under the Guaranteed Interview Scheme. If you require a reasonable adjustment at any stage of the recruitment process please make the recruitment services team aware as soon as possible.

Appointments will be made on merit.

In submitting an application form, you authorise Kettering General Hospital (KGH) NHS Foundation Trust to confirm any previous NHS service details via the Electronic Staff Record (ESR) Inter Authority Transfer (IAT) process. Including factual reference, occupational health clearance and statutory and mandatory training record.

If you need to have a Disclosure Barring Service (DBS) check, as a requirement of the role, you will be required to repay the cost of obtaining a DBS check (£49.50) and this amount will be reclaimed from your first salary. From 1st February 2019 all new starters to the Trust are required to join the DBS update service as per Trust DBS Re-checking Policy which has an annual cost of £16. New employees who do not join the update service will be required to pay £49.50 for a new DBS check in 3 years time.

Please note that news starters with KGH are subject to a six month probationary period.

Please ensure that the information you provide on your application form is correct, accurate and that nothing has been omitted. Any information that is stated in your application form in relation to qualifications/training courses/work/education experience/references must be able to be evidenced. Failure to do so may result if your offer being withdrawn.

"Safeguarding is everyone's business. KGH considers Safeguarding a priority amongst its citizen's and a key value for all employed to the service."

We want to recruit the best people to deliver our services across the University Hospitals of Northamptonshire and help to unleash everyone’s full potential. As an organisation, we value how we communicate and promote our vacancies to all communities. The Hospital Group encourages applications from people who identify from all protected groups, especially those from BAME, Disabled and LGBTQ+ backgrounds as these are underrepresented in our hospitals. We understand that we need to work with colleagues from diverse backgrounds and make sure the environment they work in is inclusive and collaborative. We have active Networks that promote and support colleagues from all backgrounds. This ensures everyone feels supported and has a sense of belonging working for Kettering and Northampton General Hospitals.

Applicant requirements

The postholder will have access to vulnerable people in the course of their normal duties and as such this post is subject to the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975 (Amendment) (England and Wales) Order 2020 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service to check for any previous criminal convictions.

Person specification

Education, Training & Qualifications

Essential criteria

Educated to Degree level or equivalent level of education, training or experience.
Significant experience in IG/DSP related activities across a Health and Care setting, or to have significant experience of working at a senior level in a public sector body
Practitioner Qualification on Data Protection Act or the General Data Protection Regulation

Desirable criteria

ISO 17024- accredited GDPR Foundation and Practitioner certificate or evidence of further education in the application of ISO/IEC 27002:2013 and other associated standards.
Evidence of continuing professional development.

Knowledge & Experience

Essential criteria

Working knowledge and understanding of the Data Security and Protection toolkit
Substantial experience of practical implementation of the Data Protection Act
Experience of working within NHS or similar large multi-disciplinary organisation in a similar role.
Experience of staff / team leadership
Experience of delivering awareness and training programmes for staff at ranging levels

Desirable criteria

Experience of working with internal and external auditors
Experience of working with or supporting the implementation of security systems

Skills

Essential criteria

Developed interpersonal skills within groups and on a one-to-one basis
Ability to mentor, teach and coach
Ability to analyse and interpret situations where there are conflicting legal / ethical standards and service requirements, and develop an appropriate and justified response on behalf of the Trust.
Ability to solve problems and use initiative to secure desired outcomes
Ability to prioritise between competing demands and allocate resources accordingly
Ability to manage time effectively and efficiently

Desirable criteria

Proven ability to undertake communication campaigns
Negotiating and influencing skills

Key Competencies/ Personal Qualities & Attributes

Essential criteria

Passionate and committed to bring our Dedicated to Excellence values to life, improving the way we work with each other, particularly focusing on empowerment, equality diversity and inclusion of our staff, patients and service users
High level of drive and determination
Self-motivated to work on own initiative.
Developed attention to detail and accuracy