Grade and Salary: Grade 7 £36,023.00 - £44,263.00

Working Pattern: 1 FTE, 35 hours weekly hybrid role, open-ended

Directorate Name: Governance and Legal Services (GaLS)

Role Description

Information Governance is a professional service team within the Governance and Legal Services Directorate. Working collaboratively with colleagues within the Directorate and across the University to support the University’s mission and contribute to its strategic priorities, we promote effective information governance to support University business worldwide and manage information risk to meet relevant legal, regulatory and audit requirements.

Joining the University during an exciting period of digital transformation, the role holder will work collaboratively and supportively with other members of the Information Governance team to provide timely, expert advice and guidance to the University community on lifecycle information governance, play a key collaborative role in the delivery of the Information and Records Management Programme, and help to embed data protection by design within strategic and operational activities.

Detailed Description

The role holder will provide specialist information and records management and data protection advice and expertise to enable the University to optimise use of information and manage information risks throughout the information lifecycle.  Reporting to the Head of Information Governance and Data Protection Officer (HIG&DPO) and working collaboratively and seamlessly with other members of the Information Governance team, the role holder will:

• Work with the Records Manager to recommend information governance policy, procedures, and guidance to manage the consistent and effective use of information and records throughout their lifecycle across the Global University
• Work with the Information Governance Officer (Data Protection) to provide timely expert advice and recommend measures to embed data protection by design and default and data subject rights into information systems, applications, and processes
• Promote effective information governance in the design and operation of systems, applications, and procedures to realise business benefits, meet operational and regulatory requirements and mitigate information risks so that users “do the right thing with data” by default
• Assist in reviewing and monitoring compliance with data protection and information governance standards on all University campuses
• Provide timely, expert advice on all aspects of record keeping and oversight of externally provided records storage and retrieval services
• Assist in managing and responding to data protection and freedom of information requests and investigate potential data breaches

Key duties and responsibilities

The post holder will:

• Apply specialist professional knowledge and expertise to recommend information governance policy, procedures, and guidance to manage the consistent and effective use of IT applications to enhance online collaboration; enabling the Global University to realise the business benefits, meet its operational and regulatory requirements and comply with relevant legislation, including data protection and freedom of information laws, and mitigate information risks
• Work collaboratively with colleagues in IG, Information Services (IS) and users to identify end to end process and information lifecycle needs when new or enhanced systems, applications and processes are being developed; advise on, recommend and review information governance architecture and controls (permissions and access rights management, folder structures, metadata, etc.) to facilitate the efficient capture, recording and retrieval of information, embed data protection by design and default and data subject rights into the configuration and use of systems, applications and processes, enable secure collaboration on a business need to see basis and easily apply University records retention and destruction policies
• Assist the HIG&DPO in advising colleagues on applying information governance and data protection by design and default to projects and activities, advising on and reviewing data protection impact assessments and information risk mitigation
• Provide timely expert advice to colleagues and students on all aspects of lifecycle information governance and data protection compliance
• Manage the University’s data mapping application (OneTrust) working collaboratively to build and maintain the Information Asset Register 
• Work with the IG team to recommend, review and update University information governance policies, procedures, and guidance to ensure these continue to meet current legal requirements and are in line with codes of conduct and best practice produced by external regulators; and review and monitor their application in record keeping systems and processes on all University campuses
• Work with the Records Manager to recommend appropriate records retention policies to meet legal and operational requirements; liaising with the Archivist, IS, who is responsible for archival policies
• With the Records Manager jointly oversee the provision of offsite records storage and retrieval services, liaising with users and the service provider
• Work under the guidance of the HIG&DPO to research, design and deliver training and guidance to educate and empower users to make responsible and effective use of applications and apply information governance standards and good practice
• Work with the Records Manager and other members of the IG team to provide specialist advice and guidance to a network of Information Asset Owners and Managers across the University Group
• Work collaboratively with members of the IG team as necessary to support seamless delivery of the service including managing and responding to freedom of information and data protection requests and investigating potential data breaches

Education, qualifications and experience Essential:

• Educated to degree level with a postgraduate/professional qualification in information governance including a strong focus on records management and data protection; or substantial relevant experience as an information governance practitioner able to evidence in-depth data protection knowledge at a professional level
• Excellent oral and written communication skills, in both written and spoken English, and the ability to produce high quality written work
• Strong digital capabilities and skills including proven knowledge and experience of using Microsoft 365 and  and the ability and willingness to learn new digital skills and capabilities appropriate to the role and how it evolves
• Proven experience in applying lifecycle information governance principles to IT applications
• Demonstrable experience and skills in building positive working relationships as a team member and supporting change management; with the proven ability to communicate effectively and empathetically with colleagues at all levels to persuade users of the benefits of applying information governance and data protection principles, provide helpful guidance and advice, address concerns and manage expectations
• Proven experience building, and maintaining, relationships with a wide variety of stakeholder groups and audiences 
• Possess sufficient breadth and depth of specialist knowledge in data protection and wider information governance law and good records management practice to advise others, and communicate their knowledge to a lay audience in a concise, and engaging way
• Ability to build and maintain a good understanding of the Global University’s business objectives, data processing activities and processes and associated information governance risks
• Strong time management skills and a flexible and adaptable approach with the ability to keep track of multiple tasks and to plan and prioritise workload to work effectively under pressure and meet deadlines, often in the face of changing and conflicting demands 
• Effective decision making and problem-solving skills, with the ability to respond appropriately to varying scenarios and different demands from different stakeholders, maintaining a positive professional approach at all times
• A high degree of analytical skills, attention to detail and accuracy of data handling and in all areas relating to the post
• Demonstrable application of sound information governance in own work, including adhering to information security practices and maintaining appropriate confidentiality of written and verbal communications
• Demonstrate the University Values at all times through performance and behaviour. 
• Established record of engagement in continuous professional development to keep knowledge and skills up to date
• Maintain awareness of own digital wellbeing by being mindful of the length of time spent at a screen and the impact on mental and physical health in using digital technologies.

Desirable

• Relevant professional experience as an information governance subject matter expert with a strong focus on data protection within a Higher Education environment, preferably in an institution with an international remit

How To Apply

Applications can be submitted up to midnight (UK time) on Tuesday 2nd January 2024 

Please submit via the Heriot-Watt on-line recruitment system (1) Cover letter describing your interest and suitability for the post; (2) Full CV

In person interviews to be held on Tuesday 16th and Wednesday 17th January 2024.

Informal enquiries about the role can be emailed to Ann Jones, Head of Information Governance and Data Protection Officer A.E.Jones@hw.ac.uk or Anne Grzybowski, Records Manager  a.grzybowski@hw.ac.uk

At Heriot Watt we are passionate about our values and look to them to connect our people globally and to help us collaborate and celebrate our success through working together. Our research programmes can deliver real world impact which is achieved through the diversity of our international community and the recognition of creative talent that connects our global team.

Our flourishing community will give you the freedom to challenge and to bring your enterprising mind and to help our partners with solutions that can be applied now and in the future. Join us and Heriot Watt will provide you with a platform to thrive and work in a way that also helps you live your life in balance with well-being and inclusiveness at the heart of our global community.

Heriot-Watt University is committed to securing equality of opportunity in employment and to the creation of an environment in which individuals are selected, trained, promoted, appraised and otherwise treated on the sole basis of their relevant merits and abilities.  Equality and diversity are all about maximising potential and creating a culture of inclusion for all.

Heriot-Watt University values diversity across our University community and welcomes applications from all sectors of society, particularly from underrepresented groups. For more information, please see our website https://www.hw.ac.uk/uk/services/equality-diversity.htm and also our award-winning work in Disability Inclusive Science Careers https://disc.hw.ac.uk/ .

We welcome and will consider flexible working patterns e.g. part-time working and job share options.

Use our total rewards calculator: https://www.hw.ac.uk/about/work/total-rewards-calculator.htm to see the value of benefits provided by Heriot-Watt University.