Summary: The Senior Data Governance Manager will lead the design of a secure data-sharing framework for the BOLD Mental Health Programme, focusing on creating legal and operational blueprints for data-sharing across the Criminal Justice System and NHS. This role requires expertise in information governance, compliance modeling, and stakeholder engagement to facilitate secure data exchange. The position is primarily design-focused and involves collaboration with various governmental organizations. The role is based in London with a hybrid working arrangement.
Key Responsibilities:
- Lead the design of a lawful and secure data-sharing framework for the BOLD Mental Health Programme.
- Act as the Information Governance anchor, mapping compliance models and assessing risks.
- Align stakeholders across MoJ, DHSC, and NHS England for secure data exchange.
- Develop Data Protection Impact Assessments (DPIAs) and Data Sharing Agreements (DSAs).
- Document critical decision points and present assurance paths to senior leaders.
- Establish governance models considering future operational constraints.
- Collaborate on operational governance and data request workflows.
Key Skills:
- Expert-level experience in designing data-sharing frameworks within public sector.
- Deep knowledge of UK GDPR and Data Protection Act 2018.
- Experience in developing DPIAs and DSAs.
- Strong ability to align solutions with MoJ and NHS England standards.
- Exceptional communication and stakeholder engagement skills.
- Ability to operate in a design-only capacity.
- Understanding of data flows and data gateway mechanics.
- Familiarity with Cyber Essentials Plus and government security standards.
Salary (Rate): £650 per day
City: London
Country: UK
Working Arrangements: hybrid
IR35 Status: outside IR35
Seniority Level: Senior
Industry: Other
Senior Data Governance Manager | Outside IR35 | £650 per day | 1 day in London per week
The Role
We are seeking a Senior Data Governance Manager to lead the design of a lawful, proportionate, and secure data-sharing framework for the BOLD Mental Health Programme. You will join a multidisciplinary "Rainbow Team" tasked with delivering Phase 1 of the Health-Justice Data Gateway Foundations Blueprint.
This is a design-only, pre-delivery phase focused on creating the legal, information-governance, and operational blueprints necessary to enable sustainable data-sharing across the Criminal Justice System (CJS) and the NHS. Fragmentation between existing systems currently limits continuity of care and early intervention for individuals traversing custody, probation, and health services. In this role, you will act as the Information Governance (IG) anchor, mapping out complex compliance models, assessing risks, and aligning stakeholders across the MoJ, DHSC, and NHS England to pave a credible path toward secure data exchange.
Skills and Experience Required
-
Information Governance Blueprinting: Expert-level experience designing complex data-sharing and assurance frameworks within public sector or highly regulated spaces.
-
Legal & Compliance Modeling: Deep knowledge of UK GDPR and the Data Protection Act 2018, with proven ability to evaluate and propose robust controller/processor and joint-controller frameworks.
-
Risk Assessment & Documentation: Experience developing and formalising outline Data Protection Impact Assessments (DPIAs) and Data Sharing Agreements (DSAs).
-
Cross-Government Alignment: Strong ability to interpret and align solutions with disparate organisational principles, specifically mapping to MoJ information assurance and NHS England data access, secure environment, and transparency standards.
-
Stakeholder Engagement: Exceptional communication skills with a track record of driving consensus, documenting critical decision points, and presenting credible assurance paths to senior leaders and cross-agency partners (eg, MoJ, DHSC, NHS England).
-
Pragmatic Problem Solving: Ability to operate in a design-only, pre-build capacity to establish "decision-ready" governance models that consider future operational and technical constraints.
Technical Experience and Tooling
-
Data Architecture Familiarity: A solid understanding of data flows, identity matching, and data gateway mechanics to ensure that proposed legal and governance models are technically viable.
-
Cyber & Security Frameworks: Familiarity working within environments adhering to the Cyber Essentials Plus scheme and government digital/data security standards.
Specific Deliverables/Artifacts
-
Draft Legal and Governance Blueprint: Comprehensive framework including proposed controller/processor models, governance options, and documented partner decision points.
-
DPIA & DSA Foundations: An outline approach and framework for future Data Protection Impact Assessments and Data Sharing Agreements.
-
Operational Governance Input: Collaboration on the end-to-end operating model mapping out data request, approval, and access audit workflows.
Working Arrangements
One day per week in our London office, alongside remote work. Working arrangements may vary slightly by project life cycle needs.