Regulatory Compliance Manager

Employer

Neil Bryers

Salary from

£35000

Location

Mansfield

Nottinghamshire

Industry

IT

Share this

Role: Regulatory Compliance Manager (Healthcare Software)

Location: Mansfield, Nottinghamshire

Salary: DOE £35-45k + Bonus + Benefits Package

Start: ASAP (Remote interview & on-boarding)

Are you a compliance expert with experience in internal auditing, achieving ongoing ISO certification (ISO9001 & ISO27001), continual improvement, GAP Analysis and creating compliant management systems?

If so, an exciting opportunity has arisen with our client who provides leading software platforms within the Healthcare sector, supplying Electronic Patient Record (EPR) and Patient Administration Systems (PAS) solutions throughout the UK.

In this role you will be the Person Responsible for Regulatory Compliance and dedicated Data Protection Officer (DPO) central to the Company’s strategy in maintaining regulatory compliance and driving sustainable improvements in Data Protection, quality and security.

You will be expected to work autonomously and to proactively drive the continued compliance with regulations. You will be required to have an understanding of the current landscape of information technology (IT) and ideally, Healthcare to ensure the Company is prepared for any changes in the regulatory landscape.

You will be a key member of the team across the Company and lead in promoting ongoing compliance with regulations. This will include the development of assessments and systems to monitor and report against a wide range of key regulatory focus areas.

Role

  • You will represent the Company in DPO and compliance activities, audits with internal stakeholders, customers, vendors and standards companies.
  • Provide practical data protection advice, guidance and assistance including meeting our obligations under the data protection law
  • Plan and conduct internal audits for all certifications, particularly ISO 9001/27001; including audits of 3rd parties, ensuring audit results are captured and communicated
  • Brief teams on the requirements of external audit and the evidence that needs to be retained and presented to show compliance.
  • Manage external audit activities, directing activity during the audit, supporting colleagues in evidencing processes, and communicate results and actions plans
  • Track and manage to resolution non-conformances from internal and external audit
  • Act as subject matter expert in formal management reviews of GDPR, QMS (ISO9001) and ISMS (ISO27001).
  • Complete and submit the Data Security & Protection (DSP) toolkit, seeking advice and approval from the management team
  • Plan, lead and document risk analyses to company standards and processes including management of risk registers
  • Propose and develop appropriate security and compliance policies and procedures along with internal stakeholders to ensure viability along with business practice.
  • Lead on activities required to update current certifications as requirements change
  • Review Group standards proposals and produce gap analyses identifying areas of difference and the necessary activities to bridge the gap, along with recommendations for action
  • Act as a focal point for compliance and information security-related queries from colleagues, customers and vendors including during tender processes
  • Adopt an understanding of clinical safety and product medical accreditation systems for company compliance
  • Conduct Data Protection Impact Assessments.
  • Review and align IT policies and processes to current and emerging legislation and industry best practice.
  • Create awareness programmes to engage employees.

To be successful:

You should have a strong working knowledge of the following:

  • ISO 9001 controls and internal audit
  • ISO 27001 controls and internal audit
  • Data Privacy Officer knowledge & experience
  • GDPR
  • NHS Governance Toolkit/DSPT
  • Relevant Legislation
  • You will have experience of planning and conducting audits for ISO9001 and ISO27001.
  • Knowledge of compliance requirements and audit experience for Cyber Essentials/Plus.
  • Experience in creating and monitoring compliance programmes
  • Experience working with auditors.
  • Exceptional communication and interpersonal skills, both written and verbally across all levels.
  • Motivated organisational skills with an ability to work to tight deadlines and manage your workload effectively.
  • You should be a team player but comfortable working under your own initiative.
  • You should be excellent problem solver with great attention to detail.
  • Flexible and innovative approach.
  • You will be keen to adopt other regulatory standards to include in the company compliance improvements.
  • Qualified as auditor
  • Highly developed analytical skills with a keen eye for detail. Ability to analyse and understand business processes, policies and practices and to assess risks.
  • Strong communication skills in English across both written and verbal mediums.
  • Able to tactfully influence peers and possess sufficient self-confidence to question the veracity of systems, practices, procedures and policies.

Desired:

Experience with the following are desireable:

  • ISO9001
  • ISO27001
  • EU MDR
  • ISO 13485
  • GDPR
  • Healthcare Experience
  • Clinical Safety and CE Marking/medical device knowledge
  • Cyber Security Essentials
  • ISO 14971.

If you wish to apply for this position, please email us at apply@som-3.com