Data Compliance Officer

The Infected Blood Compensation Authority (IBCA) is a new arms-length body set up, at unprecedented pace, to administer compensation to people whose lives have been impacted by the infected blood scandal.

IBCA will ensure payment is made in recognition of the wrongs experienced by those who have been infected by HIV, Hepatitis B or C, as well as those who love and care for them. They have been frustrated and distressed by the delays in achieving proper recognition, and we must help put this right.

We are committed to putting the infected and affected blood community at the centre of every decision we make and every step we take to build our organisation to deliver compensation payments.

IBCA employees will be public servants. If successful in this role you will be appointed directly into IBCA, on IBCA terms and conditions as a public servant.

Successful applicants will join the Civil Service Pension Scheme.

Please note that the mission of IBCA means that it is likely to be fully operational for a period of approximately up to 5 years, after which IBCA will become a smaller residual service. When IBCAs work begins to wind down, IBCA employees will receive support and practical guidance to find a new role, whether in the Civil Service, another Arms Length Body (ALB), or an external employer.

The Infected Blood Compensation Authority is a recently established organisation which has been set up to pay compensation to those who have been infected and affected by the infected blood scandal. The IBCA Data Governance team sits within the Strategy and Governance Directorate, and is staffed by leads for Data Protection, Knowledge and Information Management (KIM), and Disclosure Operations.

The Data Protection strand will enable IBCA to process personal data while assuring compliance with data protection legislation, and is led by IBCAs Data Protection Officer.

The KIM strand focuses on the information lifecycle within the organisation to provide effective oversight of the creation, organisation, storage, disposal and exploitation of available data, and is led by the Head of Knowledge and Information Management.

The Disclosure Operations strand leads on providing responses to FOI requests, Subject Access Requests, and related correspondence relating to data subject rights and requests for information. This is led by the Information Rights and Disclosure Lead.

Successful candidates will be appointed as a Data Compliance Officer within the Information Rights and Disclosure Operations section.

The three functions, however, collaborate to provide effective data governance for IBCA, with an expectation that work will also flow between the strands as circumstances and business needs require.

This role requires you to be in the Newcastle office at least 60% of your working time.

As a Data Compliance Officer, you will take end-to-end ownership of rights of access requests under both Data Protection and Freedom of Information legislation. You will effectively manage cases from initial receipt through to final disclosure, ensuring strict compliance with legislative timelines, regulatory guidance and internal policies. Utilising your depth of knowledge, you will independently evaluate and service standard requests without the need for management escalation, accurately applying complex legislative exemptions and provisioning clear legally sound justifications where necessary.

Beyond casework, you will serve as a vital advisory resource, providing expert compliance guidance to colleagues at all levels of the organisation. You will collaborate closely with directors and Senior Managers across various directorates to smoothly progress applications and align practices. Additionally, you will be responsible for proactively identifying and evaluating potential data risks to the authority, partners and individuals, ensuring appropriate mitigations and exemptions are applied to keep the organisations information sharing practices secure and legally robust.

Alongside these, we are looking for you to:

Maintain an exceptional level of accuracy and attention to detail.

Dynamically manage your own workload and conflicting priorities.

Handle highly sensitive information with the utmost confidentiality, tact and discretion.

Proactively problem solve and develop practical strategies to overcome operational issues.

Balance independent working with active teamwork.

Essential Criteria:

Knowledge and experience of dealing with Data Protection or Freedom of Information requests, and related correspondence relating to requests for information.

Outstanding ability to identify risk relating to organisational and individual impact specific to both Data Protection and Freedom of Information legislative practices.

Ability to identify sources of information both internally and externally.

Proficient computer skills, including Word and Excel.

Working without direct supervision.

Must have a flexible approach to tasking and have the ability to recognise changing priorities.

Desirable Criteria:

Experience of working successfully with Partner Agencies.

Ability to assimilate bespoke databases.

Additional information:

A minimum 60% of your working time should be spent at your principal workplace. Although requirements to attend other locations for official business will also count towards this level of attendance.