The Child and Family Agency was established on 1^st January 2014 and is responsible for a range of statutory functions including provision of child protection, alternative care, specified regulatory services and a range of family support services.  The Agency has commenced a major improvement programme with significant focus on Practice, Culture and Structure.

The Agency currently has responsibility for a budget of circa €1.2billion and delivers its services through over 5,500 people in 259 locations across the Country.

The Child and Family Agency has responsibility for the following range of services:

• Child Protection and Welfare
• Parenting, Family Support and Early Help Services
• Alternative Care
• Birth Information & Tracing and Adoption
• Tusla Education Support Services (TESS)
• Children’s Service Regulation
• Counselling and Therapeutic Supports

Further information is available on www.tusla.ie

Data Protection Unit (DPU)

Tusla processes a large volume of highly sensitive personal data on a daily basis in order to deliver the critical services it provides to Children and Families across the State. In doing this, Tusla must ensure that it has adequate organisational and technical measures in place; that the rights and freedoms of Tusla service users are respected and that privacy risks to those rights and freedoms are minimised; and that a fit for purpose operating model for Data Protection and Freedom of Information (FOI) and is implemented.

The role of the DPU includes:

• Data Protection Operations, such as data subject requests (access, erasure, rectification etc.); managing personal data breaches; provision of a data protection helpdesk to all staff; and support for the regional Privacy Officer Network
• Data Protection Compliance
• Data Protection and Privacy technical advice and support
• FOI compliance

The DPU also leads Tusla’s GDPR Programme, a multi-annual strategic transformation programme. The GDPR programme focuses on driving a wide range of improvements in Tusla's data protection and FOI compliance and control environment, including for example:

• Data Protection Operating Model Design and Implementation, such as policy and process enhancements or organisation design changes, including the establishment of regional privacy network;
• Data Protection Impact Assessments and Third-Party Privacy Risk Management, to assess complex data processing activities and third party data sharing arrangements to identify the required privacy safeguards and controls;
• Regulatory Engagement with the Data Protection Commission and the Office of the Information Commissioner in relation to Tusla's regulatory obligations; and
• Change Management, Training & Awareness, to embed best practice data protection across Tusla and ensure all staff fully understand their roles and responsibilities in relation to data protection and FOI compliance.

Further information is available on www.tusla.ie

Main Duties and Responsibilities

Data Protection & FOI Operations

• Identify, develop, and implement efficiencies to ensure the region function to a high level
• Lead on awareness raising initiatives promoting best practice for compliance with GDPR and FOI legislation
• Work with key stakeholders to ensure appropriate development and adherence with data sharing agreements
• Proactively collaborate with records management office on matters related to FOI / GDPR.
• Ensure there is an efficient and effective system to support processing of  Data Subject Rights Requests and FOI in line with legislation.
• Act as an operational escalation point for the Privacy and FOI Network nationally and for regional and national service business support leads.
• Manage and support regional employees on reporting, investigation, and remediation of local area breaches.

Stakeholder Engagement

• Lead and convene the Privacy and FOI Network Governance Group on a bi-monthly basis. Comprising of senior representatives from the Agency, this group works towards embedding a high functioning Privacy and FOI Network in the Agency.
• Engage with Regional, Directorate and Services teams to promote Network priorities.
• Represent the DPU at national training and awareness raising events.
• Attend DPU management meetings where required.

Processes and Procedures

• Work closely with the DPU leads to ensure new processes and procedures are fit for purpose for the Network.
• Operationalise Standard Operating Procedures for the processing of Data Subject Rights Requests, FOI request requests, breaches, and queries.
• Liaise with the DPU leads on development of appropriate training for the Privacy and FOI Officers.

Data Protection Advisory

• Primary escalation point for regional Privacy and FOI Network on data protection related queries.
• Deliver presentations, reports, updates to senior management as required.
• Manage and support the region in advisory and communications functions.

Health & Safety

• Comply with and contribute to the development of policies, procedures, guidelines and safe professional practice and adhere to relevant legislation, regulations and standards.

• Have a working knowledge of the Health Information and Quality Authority (HIQA) Standards as they apply to the service for example National Standards for Child Protection and Care and comply with associated Tusla – Child and Family Agency protocols for implementing and maintaining these standards as appropriate to the role.
• To support, promote and actively participate in sustainable energy, water and waste initiatives to create a more sustainable, low carbon and efficient health service.

The above Job Description is not intended to be a comprehensive list of all duties involved and consequently, the post holder may be required to perform other duties as appropriate to the post which may be assigned to him/her from time to time and to contribute to the development of the post while in office.

Applicants must by the closing date of application have the following:

• Have a third level qualification in a relevant discipline, and / or have a formal Data Protection certification / qualification.
• Have at least 3 years’ management experience – managing staff, budgets and general administration.
• Experience of managing and working collaboratively cross functionally with multiple internal and external stakeholders, as relevant to this role.
• Experience in a senior role that has included some or all the following:
  • Experience of dealing with Data Protection Issues
  • Management of FOI requests/ Reviews
  • Complaints management
  • Compliance Assurance
  • Have the requisite knowledge and ability (including a high standard of suitability and management ability) for the proper discharge of the duties of the office.

Health

A candidate for and any person holding the office must be fully competent and capable of undertaking the duties attached to the office and be in a state of health such as would indicate a reasonable prospect of ability to render regular and efficient service.

Character

Each candidate for and any person holding the office must be of good character.