Post:Information Governance LeadPay:£30426 - £34392 per annum depending on experience and qualificationsHours:37 hours per week, Monday-Friday 9am-5pm (with some evening and weekends required for training delivery across sites and services)Accountable to: The Head of Quality and RiskBase: Newfield House, Vicarage Lane, Blackpool, FY4 4EW and will include visits across all sites for training and deliveryClosing Date: 1st February 2026Overview of Role:Promote. Empower. Lead.
FCMS, a social enterprise for health and wellbeing services, is seeking a dedicated and forward-thinking Information Governance (IG) Lead to support FCMS in ensuring that information is handled securely, legally and effectively. This is a hands-on role focused on raising awareness, delivering staff training and embedding good IG practices throughout the organisation and reinforcing a positive IG culture across FCMS.Were looking for somebody passionate and proactive to champion a positive and secure culture. The post requires the ability to link together a multitude of different compliance elements within a dynamic and fast paced environment; to deliver exceptional care to our patients, who are the central focus of all that we do.This role is a key part of our Quality & Risk Team and central to maintaining the integrity, safety, and resilience of our clinical and corporate systems. This is a pivotal role that blends leadership with hands on influence, empowering staff and managers to embed strong information governance culture while keeping our digital data landscape safe and resilient. This is more than just your average IG role - this is about safeguarding the trust that underpins every patient interaction!Day to Day Duties to include, but not exhausted:As our IG Lead, youll be at the forefront of driving a privacy by design mindset across all teams. You will be responsible for:Awareness, Training & Engagement: designing and delivering engaging and practical staff training. To lead initiatives to raise awareness of IG, Data Protection, Confidentiality and Records Management, plus more. Provide accessible advice and support to staff at all levels. Champion a positive culture of compliance and good practice in a pragmatic way applicable to the environments in which we work. Youll be a coach instilling the best practices in a way that sticks, adapting styles as required for the audience, ensuring IG awareness becomes part of everyday working culture. You will need to be able to connect to audiences in different ways and be confident in presenting at meetings or to groups up to 30.Information Governance and data protection: design and chair IG and information asset owner working groups including agenda creation, minutes and action plans and reports. Implementing and overseeing policies and frameworks that ensure data is handled responsibly, legally and securely in line with NHS, ICO and regulatory standards and to coach and support IG champions. Provide assurance and compliance evidence to support NHS DSPT toolkit completion. Support FCMS work towards future accreditations of ISO:27001 and Cyber Essentials Plus.Monitoring, Audit & Continuous Improvement: Assist with IG audits and compliance checks, identify gaps, recommend improvements and support implementation. To manage the audit calander and implement actions from an IG strategic 12-month focus. To manage the compliance required such as DPIAs, data sharing agreements, information asset registers, day-to-day GDPR queries plus more!Data Subject Rights and Records Management: support processing of SARs, FOI requests and any complaints received in relation to data protection or information governance. Support with investigations as required. Assist with records management processes including retention, secure disposal and data quality audits.Incident Response & Resilience: review data/security breaches or incidents in a timely manner and support teams in any investigations required and produce reports as needed promoting learning outcomes. shape our response protocols and business continuity plans, testing these and supporting services with BCP and incident responses so we are always ready for the unexpected!Data Sharing and Contracts: Support review of DSAs/DPAs, DPIAs and information related contract clauses and liaise with internal and external parties on data handling and compliance.Cyber Security support: You will support the review of systems as part of DPIA reviews to include cyber security, using internal and external resources available to aid this. This is not a specialist or dedicated cyber security role but may include on occasion supporting risk assessments, audits and reviews alongside consultants to identify vulnerabilities and strengthen our defenses whether that is within digital systems, processes or people and environments.Internal ICT oversight: You will be the conduit between external ICT services and FCMS to escalate any issues that arise and seek key assurances and KPIs required for data protection or cyber assurances, using frameworks such as the NHSE DSPT. To support policy-based access controls working with external ICT services and internal departments. To assist FCMS to fully understand our complex ICT infrastructure so as to support our IG and GDPR requirements.Other duties are required:This Job Description will be periodically reviewed in the light of developing work requirements.This is an evolving role and therefore, these duties are not exhaustive. The role may change via discussion between the post-holder, line managers and relevant others. The individual in post will be expected to contribute towards that revision. The post holder will be expected to cover the reception desk and administration tasks of Newfield House during unplanned absences additionally and carry out any other duties as required and delegated by the Head of Quality and Risk.General:To have responsibility for all things under the umbrella of Quality and Risk, maintaining a level of understanding regarding working practices and to always comply with local Safety Policies and Procedures. To observe national and local policies and procedures in respect of: health and safety, Fire and electrical safety, data security and GDPR, counter fraud, Basic Life Support, safeguarding and Infection Control. The post will primarily be based at Newfield House, Blackpool and there is a requirement to travel to other sites and deliver training or help resolve issues within an out of hours setting (evenings and weekends), as required. All mandatory and additional training must be kept up to date as a requirement to this role. Additional training is further required to be undertaken for this post.Our key expectations are:Self-awareness Living authenticallyAdaptability- Being ready to adjust depending on the situationOpenness What you see is what you getPositivity with a real sense of being able to strive for the impossibleGenerosity of spirit- Everyday should be an opportunity to act with kindnessAbility to have fun Taking the role seriously, whilst being yourselfOur Why: To nurture an environment of inspiration, innovation and disruption so this people in our world receive exceptional healthcare for this generation, and the next.Values: Our organisational culture is very important to us, so it is vital that the successful candidate lives and breathes complimentary values and behaviours. Our behaviours should be in line with our values which form part of our Company DNA:Fun: People rarely succeed unless they are having fun. Happiness is healthy!Awesome: We arent here to be average, were here to be awesome!Humble: Were here to make a difference to the lives of others, NOT to see how important we can becomeBrave: We challenge the norm. We have the courage to get the difficult jobs doneOompf: We have natural oompf! Its infectious!Go-getting: We are intuitive to changing needs and respond quickly which we do with energy, ideas, and positivityCome and be a part of our amazing team!We offer NHS PensionCycle to Work SchemeCareer Development OpportunitiesAttendance BonusStaff Benefit SchemeFree Tea & CoffeeEye Care ContributionsInformationGovernance:Understand the importance of Information Governanceand maintain the IG Toolkit on an annual basis.Maintain accurate and comprehensive statistical information,ensuring legal and local requirements are met.SafeguardingStaff are to report any safeguarding concerns to managers on site and follow usual processes if they become aware of any. Safeguarding is everyonesresponsibility.Disability Confident Employer -As users of the disability confident scheme,we guarantee to interview all disabled applicants who meet the minimum criteria for the vacancyDBS - This post is subject to the Rehabilitation of Offenders Act (Exemption Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions. This will require three forms of valid ID to be produced and verified. The onboarding process is also subject to an Occupational Health check, suitable professional references and eligibility to work in the UK (with the requirement to provide relevant documentation as evidence)Person SpecificationQualifications Essential5 GCSEs A* - C/4-9 including English Language or equivalent training of management or healthcare related qualification. (Experience or qualifications required)DesirableProject managementIG, GDPR/Data Protection or ISO related qualificationsExperience EssentialExperience of delivering training or delivering meetings to a range of audiences.Good knowledge and experience of understanding of UK GDPR, Data Protection Act 2018, FOI, and records management and implementing this within a workplaceAbility to handle sensitive information appropriately.Experience communicating with non-technical audiences with self-awareness and emotional intelligence, adapting styles as requiredExperience of working with IT systems confidentlyDemonstrated ability to operate in an environment of fast paced change.Demonstrated ability to meet deadlines, schedules, set goals/objectivesAble to demonstrate effective partnership/team working but also experience of working well on your own initiative.Problem solvingDesirablePrevious experience in an IG, data protection, or compliance role.Experience conducting DPIAs or handling information rights requests.Collaborative and approachable.Strong problem-solving skills.Experience working with Microsoft 365 productsExperience of working within a healthcare environment.Experience of Cyber Essentials or ISO 27001 or have worked towards accreditationExperience in writing policies and guidancePersonal Qualities EssentialOutgoing & enthusiastic attitude bringing passion to the subject of IG!Positive attitude to change and process improvement.Strong communication skills with ability to explain IG concepts clearly.Confident delivering training to a range of audiences.Ability to build relationships, influence behaviours, and support cultural change.Strong organisational skills and attention to detail.Proactive, hands-on approach.Prepared to be willing to work towards frameworks and QualificationsPrepared to undertake formal workshop training/qualificationsManual handling tasks required for organising filing and archive record systems & disposing of old equipment/itemsFull UK Drivers license required (subject to insurance requirements)The organisation is committed to safeguarding and promoting the welfare of children, young people and vulnerable adults and expects all staffto share this commitment. You will be expected to fulfil your mandatory safeguarding training at the level applicable to this role.We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.
