Records Management Officer

at  Nottingham CityCare Partnership CIC

Job Purpose Working within a busy Information Security team, the post holder will work closely with the Head of Information Security & Data Protection Officer to provide a high-quality Records Management and Data Protection Service to CityCare’s Directorates. The post holder will assist the Head of Information Security & Data Protection Officer in providing vital support primarily to the Records Management, Subject Access and Access to Information functions, whilst providing project support to aid organisational compliance in records management/processing, archiving, retention and destruction. The post holder will assist the Head of Information Security & Data Protection Officer in fulfilling their statutory duties, including but not limited to, compliance with relevant Records Management Code of Practice/Standards, Data Protection legislation and the Data Security and Protection Toolkit submission. Dimensions The post holder will plan, coordinate and deliver a range of projects and records management programmes for all types of personal and corporate data, including health/corporate records frameworks, electronic and paper-based procedures, records digitisation, archiving/retrieval and destruction of records.
The post holder will also provide assistance to Managers and Project Leads in the proper standards of the organisation of patient/personal and corporate records, ensuring effective management and appropriate storage of records guided by clear policies and procedures, with implementation of robust audits for all CityCare services. The Records Management Officer will assist with the monitoring of policy reviews and take ownership of the Records Management policy and associated standard operating procedures/guidance, whilst supporting with the implementation and delivery of Records Management training and increasing staff awareness of Records Management processes. Key Responsibilities To act as a point of contact for records management queries and requests for support which includes monitoring the shared mailbox and coordinating responses to internal and external colleagues. To maintain relationships with members of the public and internal / external stakeholders whilst ensuring that queries are dealt with confidentiality and sensitively, effectively and of high standard, whilst using own judgement to decide on the course of action.
To support the organisation with its aims to become a paper light / paper less organisation, including the provisions of records storage, processing and management within specific digitisation projects, for example, Office 365 (SharePoint / OneDrive / Channels etc.), ensuring compliance with law and best practice. To contribute to the development of organisational policies, procedures, and guidance including monitoring of review dates and publication on the organisations intranet and website. To support Managers to implement these processes and embed policies effectively into everyday practice. To provide support and specialist advice and guidance to all levels of the organisation on the appropriate legislation and best practice in relation to all areas of records management, including, but not limited to, paper-based, electronic and digitisation processes for clinical(patient records), employee, and corporate records.
To develop and implement an audit plan of clinical and corporate records, ensuring appropriate access and storage (physically and on electronic systems) security is adhered, reporting any findings to the relevant Committee and escalating concerns to the Head of Information Security& Data Protection Officer. To provide support to Managers and Project Leads in the completion of relevant records management risk assessments, providing advice and guidance to all staff in relation to health, employee and corporate records risks, liaising closely with the Head of Information Security to mitigate and investigate risks/concerns. To provide support to Managers and Project Leads in the implementation of relevant records management processes such as the tracking, retrieval, filing, destruction and archiving of clinical and corporate records, on site and off site, using the appropriate systems and methods, whilst ensuring compliance with Data Protection Legislation and Records Management standards. To plan, coordinate and deliver a range of projects and training programmes including, but not limited to, Records Management, ensuring specific targets are met.
To work proactively with the organisations Information Asset Owners and the Information Security Officer to ensure that records of processing activities are understood, recorded, and maintained. This will include the ensuring that the Information Asset Owners/Privacy Officers are supported in their role, escalating any concerns to the Head of Information Security & Data Protection Officer, and/or SIRO as required. To support, where required, with data breaches / records management incidents, ensuring that Managers are recording in line with the organisations policies and appropriate actions are taken as quickly as possible and are escalated accordingly. This may also include reviewing audit trails, checking individual accounts and producing relevant reports, and reporting to the Regulator as appropriate.
To provide assistance / support with the organisations submission of the Data Security and Protection Toolkit, working with internal and external colleagues to collate the relevant evidence to ensure the organisation can demonstrate compliance. To assist with the production of a communications plan to raise employee awareness, which could include posters, leaflets, articles and maintenance of the Information Security pages of the intranet. To provide an administrative support to the Service, and to assist, where necessary, with the administration of the Records Management Group including agendas, papers, and reports. The Records Management Officer will lead on specific items of the Records Management Group and may also be expected to Chair the Records Management Group as required.
To attend relevant Records Management meetings, seminars and conferences as necessary, providing feedback to relevant colleagues and committees and where necessary, deputising for the Head of Information Security & Data Protection Officer. To develop and maintain strong working relationships with a range of internal and external colleagues, such as the Caldicott Guardian, Senior Information Risk Owner, Records Management Officers, Information Security Officers, Privacy Officers, Digital Leads, Business Intelligence and Cyber Security colleagues. To support, where necessary, the Subject Access Request process by providing high level and complex advice as needed to CityCares virtual Access to Records team. This will require providing advice and guidance in managing requests for information and records from internal and external colleagues, external partners and agencies (such as the Police, Solicitors etc.) and members of the public, which may include patient and employee personal records.
To support, where necessary, Freedom of Information compliance at CityCare, including the provision of advice and guidance to all employees. To be responsible for records management supplies and stock, including the sourcing of appropriate electronic filing systems, internal/external storage solutions and archiving materials such as folders / boxes etc. Undertake any other duties which may reasonably be required within the Service and as delegated by the Head of Information Security & Data Protection Officer, including deputising as required

Please refer the Job description for details