Information Risk Officer - Privacy

Job Description

At Accurx, we're on a mission to make patients healthier and healthcare staff happier. 💚

Who are Accurx? 🤔

We’re a fast-growing healthcare technology company which makes it easier for patients and healthcare teams to communicate.

Accurx is where conversations happen with and about patients. Our software helps doctors, nurses, pharmacists, administrators and other professionals to seamlessly connect with both patients and each other.

Our mission is simple: everything we do is to make patients healthier and healthcare staff happier. Today, Accurx is used in 98% of GP practices nationwide and every day more healthcare professionals are using our software in hospitals, pharmacies, care homes and the community.

We’re passionate about staying close to our users, which is why everyone at Accurx visits a GP practice at least twice a quarter to understand how a practice runs, the difficulties they face with technologies and how we can help.

Although we’ve initially tackled the UK healthcare system, we have big ambitions to improve healthcare systems across the world in the future. If you want to hear from some of our Accufolk about what it's like to work for us, take a look at a video from our 2023 summer conference!🤩

Life as an Information Risk Officer at Accurx

As an Information Risk Officer, you’ll be the key to driving a privacy and security-first culture across the organisation. Working with Information Security and other SMEs within the team, you will focus on making sure that Accurx complies with regulatory requirements and health data standards. You will collaborate with the Information Risk Lead and CISO to communicate the information security and data protection strategy to the rest of the company.

Key Responsibilities:

Data Protection and Information Governance

• Develop, draft and implement data protection policies and procedures owning this process end-to-end.
• Ensure compliance with privacy and protection laws including UK GDPR, through data processing agreement reviews, privacy impact assessments, records of processing activities and supplier due diligence.
• Handle and respond to individual rights requests in our role as Controller, and create a process for handling individual rights requests when Accurx acts as a Processor.
• Lead on security incident and data breach responses by assessing their severity and business impact, crafting remediation plans, fostering stakeholder collaboration, and keeping internal and external parties informed with updates.
• Advise and provide support to other departments across the organisation on an ad-hoc basis.
• Working closely alongside our Product teams by supporting them in creating secure and compliant products, this requires a true passion for understanding how all Accurx products work.
• Review policy documents from the information risk team, collaborating with other information security policy owners to ensure their policies are up-to-date and aligned with current controls and risks.
• Create processes, supported by key documentation and measurable objectives, to help mitigate the highest risks.
• Suggest secure and compliant methods and controls that help stakeholders build and maintain safe products and processes.

Assurance

• Obtain and maintain required certifications, such as the Data Security and Protection Toolkit, ISO27001, and others as necessary.
• Proactively understand NHS Information Governance standards, identifying how they apply to Accurx products and how they can create opportunities for the business.
• Keep up-to-date with any changes to privacy standards and audits, alerting the team to any new requirements that may come out.

What the team say ...

‘It’s a really exciting time to join the Information Risk Team! We’ve grown a lot lately and there’s lots of opportunity to shape up and implement a privacy programme across an incredible and mission-driven business.’ - Diana Borcila, Information Risk Lead

We'd really like to hear from you, if ...

• You have a solid grasp of Data Protection Legislation, such as the UK GDPR, Data Protection Act 2018, and PECRs.
• You are an analytical and process-driven professional.
• You display self-awareness and self-accountability in your work, championing all things information security and data protection at Accurx.
• You understand key product delivery principles and how to interact with product teams to ensure privacy by design.
• You can establish data protection processes within the organisation, tailoring them to fit its maturity and requirements, and continuously assess and enhance these processes as things evolve.
• You have excellent communication skills and can clearly outline requirements and risks to non-technical stakeholders (i.e. individuals who are not experts in your field.)
• You're mission-driven: you care about positively impacting the lives of millions
• You’re always collaborating: you place team success over personal success and you enjoy working in an open, collaborative environment.
• You demonstrate responsible ownership: when you see something not working, you'll flag it and be part of the solution
• You seek continuous improvement: you’re always developing new skills and insights, while exploring ways to do things better
• You’re mindful of balance: you're conscious of your own health and that of others. You think carefully about how best to focus your efforts, knowing when to push yourself to reach a goal.

Salary & Benefits package:

💰 £65,000 - £80,000 salary + the value of £31,500 share options

📚 £1,000 annual learning & development budget

🐣 Enhanced parental leave policy

🙏 Prayer, meditation and breastfeeding room

🗣 In house therapists available daily

🌴 Working abroad policy

👩‍🍳We have our very own Chef! Free healthy breakfasts, snacks and lunches will be provided, with the occasional sweet treat!

...And much more.

Diversity & Inclusion

Accurx is committed to being an inclusive employer - you can find out more about this commitment here. As part of this, we’re glad to accommodate candidates who need adjustments throughout the interview process.

We work in partnership with Stonewall as part of their Diversity Champions program. This is because we believe in a world where all LGBTQ+ people are free to be themselves and can live their lives to the full. Inclusive workplaces have a huge part to play in making this world a reality. 🏳‍🌈

We've officially been accredited as a flexible workplace by Flexa® Careers. 🙌

Remote Working? 🏡

We offer the team the option to work from home 2 days a week. Read more about our policy here.

Want to do a little more research before you apply? 📖

Head over to our main careers page to find out more about the team and our candidate hub. You can also find out more about us on Medium, LinkedIn and Twitter & Instagram.

Our YouTube channel is full of demos of our product, webinars we have held with our users and some clips about life at Accurx.