Information & Data Officer

Location - Bristol
Employment Type - Full Time - Permanent
Salary - £24,000 - £35,000
Hours Per Week - 37.5

Reporting to the Information & Data Manager and based within the Regulatory Services Department, the role will involve developing the data protection compliance framework for the company, ensuring privacy and data protection compliance and advising key stakeholders on data privacy issues.

To be suitable for this role, you will have a genuine interest in GDRR, Data Protection and Data Privacy. You will demonstrate this through prior experience working within a Data Protection job role or prior research into various real life Data related articles.

Key Responsibilities:

  • Supporting the Data Protection Officer and Information & Data Manager to manage the development and implementation of data protection and information security standards and processes.
  • Reviewing internal policies and procedures to ensure compliance with legislation and regulation.
  • Managing and assessing new projects, initiatives and business processes through the DPIA life cycle.
  • Assisting the Information & Data Manager to develop and incorporate privacy controls, including monitoring business completion of supplier audits and due diligence assessments as part of the supplier risk management framework.
  • Developing privacy training and awareness programmes to include issuing group wide communications.
  • Supporting the operational processes to embed excellent privacy and data governance to include data mapping.
  • Identifying risks, requirements and areas of improvement.
  • Analysing data protection incidents to identify trends and training requirements.
  • Monitoring, logging and responding to data protection queries in the Regulatory Services Mailbox.
  • Providing support, where necessary, for other members of the Regulatory Services Team with regulatory requirements.
  • Researching and documenting future requirements driven by changes in legislation.

You’ll have the following skills & experience:

  • An understanding of UK and EU Data Protection and privacy legislation.
  • General knowledge of the insurance industry and how it operates i.e. products, institutions, which areas are regulated and by whom is desirable.
  • Able to explain data topics to people from a wide variety of backgrounds in clear terms to inform decision making.
  • Previous experience with managing data subject rights requests and data breaches is desirable.
  • Strong interpersonal skills with the ability and confidence to engage with colleagues throughout the business and at all management levels.
  • Attention to detail with excellent written and oral communication skills.
  • Ability to respond logically with alternative outcomes and advise key audiences within the business.
  • Ability to provide and deliver solutions as required by the business

Who We Are
At Somerset Bridge Group we aim to build a sustainable and innovative business focused on underwriting, broking and claims handling of UK motor insurance, offering transparent products and an efficient and fair service to our policy holders.