Summary
Overview
Work History
Education
Skills
Certifications Courses
Hobbies and Interests
Timeline
Generic

FRANK IYENGUNMWENA

Summary

A highly motivated and results-oriented Data Protection and Privacy Expert with a proven track record of ensuring compliance with GDPR and Data Protection Act 2018. Experienced in leading initiatives to safeguard sensitive data and mitigate operational, legal and regulatory risks across various sectors. Adept at driving privacy-enhancing strategies, fostering a culture of compliance, and achieving organisational goals. Strong analytical and interpersonal skills with a passion for continuous improvement, seeking to leverage my expertise and leadership skills.

Overview

4
4
years of professional experience

Work History

IG Privacy And Risk Officer(Deputy Manager)

SOUTH LONDON AND MAUDSLEY NHS FOUNDATION TRUST
11.2023 - Current
  • Spearheaded the development and implementation of comprehensive data protection compliance framework, encompassing policies and procedures, to significantly enhance data security and privacy practices across the organisation
  • Led the strategic direction of the team to achieve its goal of delivering assurance to executive management regarding the status of Data Protection Compliance as well as adequacy and effectiveness of risk management in mitigating key operational, legal and regulatory risks
  • Led the investigation and resolution of personal data breaches, ensuring prompt response and compliance with statutory deadlines, resulting in a 30% significant reduction in breach incidents and regulatory penalties within just 6 months.
  • Orchestrated the establishment and maintenance of the Record of Processing Activity, ensuring alignment with article 30 of the UK GDPR requirements, enhancing transparency and accountability
  • Negotiated and embedded robust data protection clauses in contracts, safeguarding the organisation's interests, mitigating legal risks and fostering trust with partners and stakeholders
  • Implemented comprehensive training programs for staff at all levels on Data Protection Act provisions, empowering staff to handle data responsibly and mitigate risks effectively, resulting in a 20% increase in data protection awareness and adherence to GDPR principles
  • Coordinated Data Protection Impact Assessments (DPIAs) and monitored the delivery of agreed actions, resulting in enhanced public and patient trust in data handling practices
  • Produced comprehensive reports for the team and Digital Services, providing insights for strategic decision-making and continuous improvement initiatives
  • Acted as an advisory resource on best practices in privacy, contributing to the development of a robust privacy framework aligned with health and social care regulations

Information Governance Officer

GUYS AND ST THOMAS' NHS FOUNDATION TRUST
05.2023 - 11.2023
  • Revamped incident management procedures, enhancing responsiveness and regulatory compliance, resulting in streamlined processes and improved incident resolution times
  • Provided expert guidance on GDPR principles, ensuring the rights of data subjects were upheld consistently, and breaches were reported promptly, fostering a culture of accountability and transparency
  • Implemented robust systems for processing information requests, ensuring adherence to statutory timelines and regulatory requirements
  • Coordinated Data Privacy Impact Assessments (DPIAs) and implemented privacy-enhancing measures, ensuring compliance with regulatory requirements
  • Fostered collaborative relationships with stakeholders, clinicians, and FOIA leads, facilitating efficient information sharing and compliance with legal obligations
  • Conducted audits to ensure adherence to Information Governance standards, providing assurance to senior management and regulatory bodies
  • Played a key role in the development and implementation of policies and procedures to enhance data protection practices across the organisation
  • Provided expert guidance and support to staff on data protection matters, resolving inquiries and issues in a timely and efficient manner
  • Contributed to the development of strategic plans and objectives for the Information Governance Department, aligning activities with organisational goals and priorities.

Data Protection Analyst

Rentokil
01.2021 - 05.2023
  • Championed a compliance culture, providing training and guidance to employees on GDPR principles, resulting in increased awareness, adherence to data protection principles and accountability across the organisation
  • Monitored data processing activities, handling initial data privacy impact assessment, identifying and mitigating risks, and ensuring adherence to data protection principles especially in line with GDPR/DPA 2018
  • Served as the primary point of contact for data protection inquiries, providing expert guidance and support to employees and stakeholders, demonstrating strong communication skills and expert knowledge
  • Investigated and resolved personal data breaches within strict deadlines, minimising reputational risks and ensuring compliance with regulatory requirements
  • Managed the record of processing activity in line with article 30 of the UK GDPR which enhanced accountability and transparency
  • Monitored completed Data subject access request(DSAR) ensuring that all requested data is fully gathered in line with established processes
  • Implemented data protection measures aligned with GDPR requirements, enhancing data security and privacy standards across the organisation
  • Conducted audits to ensure adherence to Data Protection standards, providing assurance to senior management and regulatory bodies.

Data Protection Assistant

M&S Bank
01.2020 - 12.2020
  • Maintained accurate customer records and processed subject access requests (SARs) efficiently, sending out final response letter to customers and Third party (Solicitors and claim management companies) on the outcome of their DSAR request, ensuring compliance with data protection regulations and enhancing customer satisfaction
  • Collaborated with the Data Protection Manager to conduct privacy impact assessments, identifying and mitigating risks to data subjects' rights and privacy
  • Identified training needs and provided bespoke data protection training to staff and relevant business areas based on business needs and gaps identified, fostering a culture of compliance and accountability, resulting in improved data handling practices
  • Acted as a liaison between internal and external stakeholders, ensuring timely and accurate responses to data protection inquiries and requests
  • Managed the awareness creation of data protection and promoting a positive data protection culture within the organisation
  • Managed the Data Protection Officer inbox and redirected queries to the relevant teams for processing
  • Updating records of processing activity in line with article 30 of the UK GDPR
  • Conducted comprehensive quality checks to ensure the decisions made are carried out in accordance with the in-house process guideline, as well as Financial Service principle of treating customer fairly.

Education

MSC (Hons) Political Science and Public Administration -

Istanbul Gelisim University
2022

B.S.C (Hons) Political Science -

Ambrose Alli University
2017

Skills

  • Experience in building constructive stakeholder engagement and collaborative relationships across business lines
  • Staff Training & Development, process improvement
  • Experience in Incident response & resolution
  • Excellent communication skills (written and spoken)
  • Experience of maintaining key documents such as plans, strategies, business cases, risk registers and briefings
  • Experience of Knowledge & Information Management legislation and policies in the public sector
  • Knowledge of complaint handling procedures, regulations and risk requirements
  • MS Word, MS Excel
  • Ability to handle confidential and sensitive data in line with the data protection act requirement
  • Experience in designing, delivering data protection/GDPR compliance programs
  • Broad understanding of applicable European and local Privacy laws and regulations such as GDPR, PECR, Privacy Shield etc
  • Ability to work to strict deadline

Certifications Courses

  • Certified Information Privacy Professional Europe (CIPP/E in view)
  • Certified European General Data Protection Regulation Foundation & Practioner ( In view).
  • Certified in Cyber Secuirty ( In view)

Hobbies and Interests

Reading, Travelling, Playing the piano, Meeting people

Timeline

IG Privacy And Risk Officer(Deputy Manager)

SOUTH LONDON AND MAUDSLEY NHS FOUNDATION TRUST
11.2023 - Current

Information Governance Officer

GUYS AND ST THOMAS' NHS FOUNDATION TRUST
05.2023 - 11.2023

Data Protection Analyst

Rentokil
01.2021 - 05.2023

Data Protection Assistant

M&S Bank
01.2020 - 12.2020

MSC (Hons) Political Science and Public Administration -

Istanbul Gelisim University

B.S.C (Hons) Political Science -

Ambrose Alli University

Similar Profiles

  • Chinasa Testimony Akujobi

    Chinasa Testimony AkujobiChinasa Testimony Akujobi

    Mental health nurse at South London and Maudsley NHS Foundation TrustMental health nurse at South London and Maudsley NHS Foundation Trust

  • John Sapani

    John SapaniJohn Sapani

    Clinical Service lead at South London and Maudsley NHS Foundation TrustClinical Service lead at South London and Maudsley NHS Foundation Trust

  • Anusha Gupta

    Anusha GuptaAnusha Gupta

    Volunteer at South London and Maudsley NHS Foundation TrustVolunteer at South London and Maudsley NHS Foundation Trust

  • Rachel Gritzman

    Rachel GritzmanRachel Gritzman

    General Manager at South London and Maudsley NHS Foundation TrustGeneral Manager at South London and Maudsley NHS Foundation Trust

  • Shelley McCabe

    Shelley McCabeShelley McCabe

    Team Leader at Kāinga Ora Homes And CommunitiesTeam Leader at Kāinga Ora Homes And Communities

CREATE PROFILE
FRANK IYENGUNMWENA