An experienced data protection and information security leader with in-depth knowledge of UK and European Data Protection legislation and a strong technology background.
Experienced at identifying risk and opportunities in data processing, setting improvement objectives and action planning to affect behavioural change. Expertise in sensitive data processing and online/cloud infrastructure
I focus on improving the operational capabilities of organisations to honour fully the legal responsibilities and duty-of-care they have to data subjects. To do this requires a cogent case for change, a clear vision for the future and the correct people, skills and systems.
Knowledge
UK GDPR
Data Protection Act 2018
ICO Accountability Framework
Privacy in Electronic Communications Act (PECR)
Cyber Essentials
ISO27001 (2013 & 2022) , 27701, 27017, 27018
NHS Data Security and Protection Toolkit
Cloud and on-site IT infrastructure
Personal skills
Analysing data
Problem solving
Consulting with people
Constructing strategic narrative
Developing and improving systems
Researching & learning
Counselling and guiding people
"
…fiercely bright, personable, savvy, diligent, highly capable…
/ midlands - digital agency /
Recent experience
NATIONAL HOME BASED CARE PROVIDER
Data Protection Officer (Interim)
Risks, recommendations and Privacy Programme implmentation
Data Flow Mapping exercise
GDPR Contract review and updates
Compliance visibility solution
Standard Operating Procedure creation
Employee awareness raising campaign
Privacy Compliance Assesssment
Enterprise Data Protection Impact Assessment exercise
Cyber Essentials Accreditation
Privacy improvement Action Plan - Design and Progress Monitoring
Public health england
Health App compliance and endorsement platform for the NHS
Design and build of online assessment platform Alpha and Betas
Review of user testing and feedback
Publication of guidance on gov.uk
Design and implementation of assessment criteria and process for ensuring the compliance and efficacy of Health Apps.
Data protection criteria and management requirements
NATIONAL ONLINE LEGAL SERVICES PROVIDER
Risks and recommendation project
GDPR and PECR compliance review
Risk identification and prioritisation
Privacy improvement recommendation report.
NATIONAL CLINICAL CARE PROVIDER
Risks and recommendation project
Privacy priority action report
Sensitive data handling review
Risk Identification