Information Governance Manager (SEO)

 The Medical Council is seeking to appoint an Information Governance Manager at Senior Executive Officer Grade to join the Information Governance team on a permanent basis. This role will report to the Head of Information Governance. This position will play a leading role in managing the organisation’s obligations under the Data Protection Act 2018, Freedom of Information Act 2014 (FOI Act), Data Sharing and Governance Act 2019, and all other associated work. The successful applicant will work alongside the Data Protection Officer (DPO) for the Medical Council, as provided for under Section 34 of the Data Protection Act 2018. Key responsibilities will include:Data Protection: Management of requests received under the GDPR and Data Protection Act 2018. This involves collating the relevant material, liaising with all teams across the organisation, reviewing the material and making decisions based on risk assessments, policies etc.. This includes but is not limited to standard Subject Access Requests, research requests for data, and requests from law enforcement and other Regulatory or Government bodies.Conducting Data Protection Impact Assessments under Article 35 of the GDPR as required, and conducting same on new projects and systems during planning stages. An understanding of when a DPIA is required as well as how to create same and address issues arising is essential. Responding to data protection related queries raised internally by staff and external stakeholders, as appropriate. This can include general privacy concerns, specific requests for advice/guidance and can involve liaising with other teams in order to provide accurate information. Reviewing existing and new contracts, MoUs, and SLAs with the Procurement function and General Counsel to ensure GDPR compliance. This can include updating clauses to reflect the nature of the contract and the jurisdiction in which it is created. Drafting, reviewing, developing and implementing data protection policies and procedures across the organisation to ensure compliance with the Data Protection Act 2018 and the GDPR. Where possible, this will involve bespoke guidance for each team dependent on what kind of data processing they do.  Advising on any data protection issues with regard to the exchange of data with other bodies and for any contracts or services, including within the EU and 3rd countries. Overseeing compliance with the Data Breach Response Procedure including reporting, monitoring and management of all breaches. This will include engagement with the DPC when required. Being solution focused is essential.  Management of all investigations, inquiries and complaints which may be commenced by the Data Protection Commission (DPC), including required follow-ups. Ongoing monitoring of advice and decisions issued by the DPC, with a focus on those directly relevant to the Medical Council.Providing reports on a regular basis to the Executive Leadership team, Senior Management, Committees and Council.As required, management of specific case files in conjunction with external and internal legal advisors. Escalation of data protection issues as appropriate.Identify, initiate and support the implementation of requirements under the Data Sharing and Governance Act 2019.Attend and actively contribute to meetings with other regulatory bodies and internal/external stakeholders. Take a leading role in the management of risk within the Medical Council - identifying, assessing, monitoring, and addressing Freedom of Information (FOI):·      Assisting the FOI Officer when required. This may include reviewing decisions and records.·      Providing advice and guidance on the application of appropriate exemptions under the FOI Act within the Information Governance team, and the wider staff of the Medical Council.·      Reviewing, drafting, and issuing decisions as the Internal Reviewer, in line with the FOI Act.·      Management of investigations and appeals commenced by the Office of the Information Commissioner (OIC) in line with the FOI Act, and other legislation as appropriate (e.g. Medical Practitioners Act 2007, Data Protection Act 2018, etc.).·      As required, management of specific case files in conjunction with external and internal legal advisors.·      Ensure compliance with the Medical Council’s requirements under the FOI Act including but not limited to the Publication Scheme and publication of Quarterly Disclosure Logs.·      Providing statistical data annually and as required to the OIC. Record Management:·      Review, update and implement changes to the existing Records Management Policy and Data Retention Schedule to ensure compliance with data protection legislation and internal policy in relation to the secure storage, and destruction of records.  Other Duties:·      Provide training to staff, Council and Committees on their obligations in relation to Information Governance and, in particular, deliver bespoke advice on trending data breaches etc.·      As appropriate, advise the organisation of changes in legislation and regulatory requirements and ensure policies and procedures are updated accordingly.·      Although this role is focussed on Information Governance, the successful candidate may be required to review and consider other legislation which the Medical Council may be subject to.·      Support the Head of Section with the development of strategy and the business plan in relation to the section.·      Manage the organisation’s obligations under the Re-use of Public Sector Information legislation.·      As required, actively review and provide updates to the Information Governance Risk Register.·      Work closely with the Head of Risk and Compliance to conduct internal audits and reviews of data protection, FOI, record management, processes and procedures across the organisation.·      Manage the implementation of, and provide updates on, recommendations following internal/external audits.·      Ensure adherence to all timeframes as set out in legislation.·      Management of sectional specific internal audits on processes and procedures.·      Undertake continuing education and professional development consistent with the post particularly in relation to Data Protection and Freedom of Information.·      Contribute to the management and development of staff within the section.·      Perform any other duties as may be assigned from time to time. Essential Criteria:·    ·      A minimum of 2 years’ experience working in a data protection specific role, preferably in an organisation which operates procedures and activities within a statutory framework.·      Excellent working knowledge of the Data Protection Act 2018, GDPR and the Freedom of Information Act 2014.·      Experience with Record Management.  Desirable Criteria: Third level qualification or equivalent. ·A formal qualification in data protection would be ideal. Good knowledge of the role of the Medical Council, its functions and the context in which it operates. Experience leading a team would be beneficial. Essential Characteristics:·      Strong interpersonal skills – the successful candidate must be comfortable engaging with a variety of stakeholders, and colleagues at different grades.·      Communicate with tact, understanding, and discretion with colleagues and members of the public when dealing with enquiries/information requests.·      Maintain a high level of confidentiality and discretion at all times when dealing with information.·      The ability to interpret various legislation, directives, and policy and how these may be applied in standard day-to-day process and procedure·      Highly organised approach to all tasks, with strong attention to detail in executing complex tasks and procedures.·      Ability to be clear, comprehensive and concise in communications, including reports (both qualitative and quantitative), minutes, website content, publications and interactions with statutory bodies e.g. OIC, DPC,.·      Ability to work independently, to demonstrate initiative and to work as part of a team.·      Ability to flex and adapt to changing demands, manage competing priorities and meet deadlines.·      Have the ability to make a significant contribution to the development of policy is a key requirement. Details of this Appointment:Position Type: This appointment will be offered on a permanent basis, 6 month probation will apply.Salary: Starting salary will be at €58,847 which is the first point of the Senior Executive Officer PayScale. If you are currently a serving civil or public servant, your entry point to the PayScale may be higher based on your current salary.  There will be salary increment each year in line with the Senior Executive Officer Grade PayScale and subject to satisfactory performance, until the maximum point on the scale has been reached. The rate of remuneration will not be subject to negotiation and may be adjusted from time to time in line with Government pay policy.  Senior Executive Officer PayScale €58,847   €60,567   €62,285   €64,000    €65,723     €67,437 €69,157 €71,637' (LS1 After 3 years satisfactory service at the maximum)€74,1122 ² (LS2 After 6 years satisfactory service at the maximum)Annual Leave: 29 working days plus public holidaysHours: 35 hours per week, Mon-Fri.Location: The Medical Council’s offices are located at Kingram House, Kingram Place, Dublin 2. We operate a hybrid working model with both remote working and a current requirement for on-site attendance two days per week. This may be reviewed in time.Pension: The Medical Council offers a pension through the Public Sector Scheme. Contributions to the scheme will commence on joining the organisation. Candidates currently working in the Public or Civil Service may transfer their pension. Rewards/ Benefits:Dedicated Wellbeing Group and Wellbeing Initiatives, Employee Assistance Programme, and Wellbeing App, Training and Development, Public Service Sick Leave Scheme, TaxSaver Travel Tickets, Bike to Work Scheme, Subsidised Flu Jabs, Paid Exam Leave & Study Leave, Income Continuance Scheme, Civil Service Credit Union, Apply by: 30th September 2025 Expected Interviews: w/c 6th or 13th October 2025