Data Protection Officer

Job Title: Data Protection Officer
Accountable to: CEO/DPO
Base: EPM Offices, Huntingdon

The Company

Based in Huntingdon, Cambridgeshire, EPM is an award-winning and accredited education services business with over 25 years of expertise.

We are a technology-enabled business, but people are at the heart of what we do.

We believe in developing long-lasting relationships with our customers and employees, with our relationships lasting, on average, 11 years.

We are 100% dedicated to education and our expert team of over 200 highly qualified employees support more than 2,300 Schools and Trusts nationwide.

Our culture is unique and is based upon our motivated and passionate team.

As a result, we encourage our employees to flourish and unleash their talent by building their confidence and providing them with the opportunities and support to empower them and realise their full potential.

This is just one of the many reasons we were awarded ‘Employer of the Year' at the Hunts Post Business Awards in 2018 and shortlisted again in 2019.

EPM's performance in the market has been, and continues to be, exceptional, resulting in significant growth year after year.

Our success can be attributed to our proactive, forward-thinking approach and passionate team.

Our plan for the future is to continue this growth, increase our geographical reach and consider expanding the services offered.

Purpose of the Job

To review process flows on current procedures and implement plans enabling the business to minimise risk.

Working closely with the EPM board as well as the wider Citation group Supporting and implementing organisational policies and processes that ensure the organisation complies with data protection law and good information management practice.

You will also lead on or support workstreams at a senior level to sustain compliance across all data streams in order to meet business objectives.

This role is pivotal in supporting the business achieve its goals, finding the balance between objectives, data protection law, group policy and each department's influence will be critical.

Standing firm from pressures in all directions whilst trying to find solutions that enable and not restrict will be a key.

Main Responsibilities/Duties of the Job

Company Responsibilities

1.

Lead the implementation of the group data protection and information governance framework locally, keeping leaders on at EPM and Citation group updated on progress and challenges.


2.

Work with the business in setting and achieving data retention timeframes
3.

Ensure that appropriate due diligence is carried out prior to onboarding a new supplier, ensuring that appropriate information security practices and data protection compliance are at play.
4.

Keep up to data record of processing activity, data maps and ensure they are a primary reference point for all projects and data processing
5.

Be the onsite SME for data protection laws and their practical application, in particular dealing with the exercise or rights and supporting the business in meeting each of the data protection principles
6.

Managing significant projects requiring dedicated time to manage, review and implement
7.

Analysing and making recommendations against information security concepts and working with IT and the business to identify risks to information and mitigation strategies
8.

Influencing stakeholders at all levels of the business and lead change
9.

Be the contact point for the ICO
10.

Support the business with privacy impact assessments when they are necessary

Internal Team and Broader Responsibilities

1.

Contribute to the sharing of good practice and knowledge amongst colleagues, as required.
2.

Attend and participate in regular team meetings as appropriate and training to keep up-to-date with current legislation, policies and procedures and other relevant guidance.


3.

Be compliant with EPM employee policies and procedures.
4.

Provide support for other colleagues when necessary.


5.

Proactively participate in the EPM Appraisal process.
6.

Maintain high levels of confidentiality and integrity at all times.


7.

Perform miscellaneous job-related duties as assigned.

Please click 'Apply' to continue your application.