Information Governance Manager

Job overview

King's College Hospital is looking for a full-time Information Governance Manager to support the delivery of the Trust's Information Governance (IG) work programme.

Please note that this is an office-based position, meaning that you will need to work on site at King's College Hospital (SE5 9NY) multiple times per-week.

Additionally, the interviews will be face-to-face. This is non-negotiable and we will not be offering virtual interviews for this position. Previous applicants need not apply.

Main duties of the job

Acting as a professional manager, the postholder ensures the effective implementation of policies and procedures in line with established guidance.

The role operates within defined frameworks to provide operational support for Information Governance processes and compliance activities.

The postholder will bring substantial knowledge in managing all aspects of Information Governance, ensuring a coordinated approach across the Trust and partner organisations in accordance with statutory and local regulations. They will provide advice and guidance to managers and staff on Information Governance matters and liaise with stakeholders and external bodies as required.

Working collaboratively, the postholder will contribute to the development, maintenance, and delivery of the IG work programme, which includes:

• Data Security and Protection Toolkit
• Data Protection
• UK GDPR
• Common Law Duty of Confidentiality
• Records Management
• Data Security
• Information Sharing
• Freedom of Information

Detailed job description and main responsibilities

• Provide Information Governance advice and support to staff across the organisation.
• Assist the Information Governance senior management team with operational and strategic priorities.
• Offer Information Governance perspectives on emerging cyber threats.
• Review and help maintain key documentation, including privacy notices, Record of Processing Activities, and Information Asset Register.
• Support and train Information Asset Owners to create and maintain an inventory of data and information assets in line with relevant legislation.
• Advise and, where necessary, provide practical support for completing Data Protection Impact Assessments, ensuring accurate records for regulatory compliance.
• Champion a positive Information Governance culture, promoting the principle that Information Governance is everyone’s responsibility.
• Use the Data Security and Protection Toolkit to assure that information assets are secure and personal data is handled correctly.
• Contribute to the development of organisational policies, standards, and guidelines for methods and tools.
• Identify stakeholder communication needs and translate engagement strategies into actionable activities and deliverables.
• Apply risk assessment and risk management principles to Information Governance decision-making.
• Assess legal and best practice issues, promoting awareness of confidentiality and privacy laws.
• Support the creation of performance measures to monitor Information Governance priorities effectively.
• Assist in developing and monitoring organisational policies and processes related to Information Governance.
• Track data security and protection trends, proactively assessing their impact on business strategies, benefits, and risks.
• Evaluate risks to data confidentiality, integrity, and availability, supporting reviews of security controls and risk assessments, including post-breach analysis.
• Consult and collaborate on policy development, ensuring Trust policies, procedures, privacy standards, and guidelines align with recognised Data Protection practices.
• Consider risks associated with processing operations, considering their nature, context, and purpose.
• Identify and manage risks related to personal data breaches or cyber incidents, activating agreed procedures, coordinating with third parties, and ensuring statutory timelines are met. Notify the Information Commissioner’s Office when legally required.
• Contribute to formal reports for management on the effectiveness of controls and compliance with standards, regulations, and legislation.
• Adapt responses to changing circumstances, new information, or evolving business requirements.
• Direct others to complete specified tasks within defined timescales.
• Align actions with Trust objectives and strategies, keeping the broader strategic context in mind.
• Understand organisational hierarchy and culture, as well as supplier and partner structures, to identify decision-makers and influencers.
• Engage stakeholders with confidence and professionalism, influencing and persuading effectively even without formal authority.
• Make timely decisions, considering priorities, constraints, risks, and available resources.
• Build relationships and maintain an open culture, communicating effectively across diverse backgrounds and adapting style to suit different audiences.
• Monitor progress against targets, addressing issues promptly and escalating where necessary.