Information Governance Manager

  • NHS
  • Beaconsfield, Buckinghamshire
  • 09/06/2026
Full time Information Technology Telecommunications Cyber Security

Job Description

Job responsibilities

What You Will Do

Information Governance

  • Lead IG strategy aligned to UK, NHS and Philippines frameworks.
  • Oversee policies, DPIAs, Data Processing & Sharing Agreements.
  • Lead the DSP Toolkit return and audit activity.
  • Monitor conformance and drive corrective actions.

Cyber Security

  • Implement Cyber Security policies under the SIRO.
  • Lead ISO 27001 recertification, internal audits, and remediation.
  • Work with infrastructure/product teams on data security and incident handling.
  • Oversee playbooks and ensure measurable risk reduction.

Digital Clinical Safety

  • Collaborate with IT, Clinical, Legal, HR, SIRO, and Caldicott Guardian.
  • Maintain the Digital Clinical Safety Policy with CMO/CTO.
  • Lead biennial reviews for DCB0129/0160 and MDD compliance.
  • Oversee training compliance and safety case documentation.

Quality Management

  • Lead the ISO 9001-aligned Quality Management System.
  • Manage ISO 9001 audits, internal programmes, and recertification.
  • Maintain organisation-wide regulatory conformance mapping.

Cross-Domain Governance

  • Run IG & Cyber Security Committee operations and reporting.
  • Manage governance risks, actions, and training records.
  • Ensure documentation, logs and artefacts are audit-ready.

About You

You're a trusted, calm, and influential leader who communicates clearly, brings people together, and drives continuous improvement. You challenge outdated processes, lead change confidently, make sound decisions under pressure, and build strong relationships across clinical, technical and corporate teams.

You can translate complex data into clear plans, write concise strategic updates, mentor your team, negotiate effectively with stakeholders, and maintain exceptional attention to detail.

A full UK driving licence and access to transport are required due to travel expectations.

Experience Required

  • Governance, risk, or compliance experience in healthcare or a regulated sector.
  • Ability to set strategic vision and align departmental goals.
  • Strong analytical capability and data-driven decision-making.
  • Deep understanding of IG legislation, ISO standards, cyber frameworks & NHS digital safety protocols.
  • Budget ownership and monitoring experience.
  • Leadership across multidisciplinary technical and clinical teams.
  • Strong resource planning and prioritisation skills.
  • High proficiency with Microsoft platforms and governance tooling.
  • Experience working with SIRO, IAOs, DPO, Caldicott Guardian, operations, shared services and certification bodies.
  • Procurement, vendor management and contract negotiation experience.
  • Multisite or international healthcare experience.
  • Experience with audits, regulatory inspections, and digital clinical safety standards (DCB0129/0160, MDD).
  • Incident response and third-party risk management.

Disclosure and Barring Service Check

This post is subject to the Rehabilitation of Offenders Act (Exceptions Order) 1975 and as such it will be necessary for a submission for Disclosure to be made to the Disclosure and Barring Service (formerly known as CRB) to check for any previous criminal convictions.