Subject Access Request Assistant

NHS

  • Chesterfield, Derbyshire
  • £23,875 per year
  • Permanent
  • Full-time
  • 6 days ago
The post holder will provide specialist administrative support for the management of Subject Access Requests (SARs) under the Data Protection Act (2018) and UK GDPR, as well as requests under the Access to Health Records Act. This will include the retrieval, preparation, redaction, and disclosure of health records, ensuring that requests are processed lawfully, accurately, and within statutory deadlines.The role requires excellent attention to detail, a sound understanding of confidentiality and data protection principles, and effective communication with patients, families, solicitors, coroners, and other stakeholders.Derbyshire Support and Facilities Services Limited currently do not offer a Certificate of Sponsorship, any applications which require sponsorship will not be consideredMain duties of the jobo Manage the receipt, logging, and acknowledgement of Subject Access Requests in line with published policy and statutory requirements.o Retrieve, copy, and prepare patient records, ensuring accurate redaction of third-party or sensitive information not subject to disclosure.o Ensure that requests are completed and dispatched within strict statutory timeframes (as per the service SLAs).o Liaise with clinical and non-clinical staff to obtain supporting information where required.o Provide clear, professional written and verbal communication with patients, relatives, and external requestors (e.g. solicitors, police, coroners).o Maintain a robust audit trail of all SARs processed to demonstrate compliance with legislation and internal policies.o Use the Trust's electronic health record systems and databases to track, retrieve, and record case progress.o Handle telephone, email, and in-person enquiries courteously and effectively, escalating complex cases when necessary.o Support the wider Information Governance / Health Records team in meeting regulatory compliance and good practice standards.o Always ensure confidentiality and information security, in line with NHS policy and the Caldicott Principles.About usDerbyshire Support and Facilities Services Ltd. (DSFS) is a subsidiary company that's 100% owned by Chesterfield Royal Hospital NHS Foundation Trust.DSFS has just over 900 staff across Soft and Hard Facilities Services, and our corporate services including, ICT, Patient Records, Switchboard, Procurement, Finance and Clinical Engineering. Very much part of the 'Chesterfield Royal family', DSFS builds on solid NHS foundations to offer a more commercial approach that's dynamic, flexible, and proactive.DSFS are proud to be striving to achieve a truly diverse and inclusive flexible workforce by valuing and welcoming everyone's abilities, uniqueness, and individuality. All our colleagues have the right to and should be able to feel 100% themselves at work; we believe that all our people add to and should improve our culture and not just fit in with it. By embracing our diverse backgrounds and differences our culture becomes richer and makes us stronger together.Derbyshire Support and Facilities Services Limited currently do not offer a Certificate of Sponsorship, any applications which require sponsorship will not be consideredPlease see below link for the DSFS website.DSFS - Derbyshire Support & Facilities Services Limited | DSFSWhen applying for roles please complete all sections of the application form.DetailsDate posted29 August 2025Pay schemeOtherSalary£23,875 a year pro rata per annumContractBankWorking patternFlexible workingReference number166-DSFS-7441669Job locationsDSFS-Chesterfield Royal HospitalTop RoadChesterfieldS44 5BLJob descriptionJob responsibilitiesPlease see the Job description and Person Specification in the attachments. This document contains a full detailed description of the role and what the main responsibilities and duties are along with the criteria that are required. Job descriptionJob responsibilitiesPlease see the Job description and Person Specification in the attachments. This document contains a full detailed description of the role and what the main responsibilities and duties are along with the criteria that are required.Person SpecificationQualifications and TrainingEssential
  • GCSEs in English and Maths (Grade C / 4 or above)
Desirable
  • Training or qualifications in information governance, data protection, or records management
ExperienceEssential
  • Previous administrative experience in an office or healthcare environment
  • Experience of handling sensitive and confidential information
Desirable
  • Experience of working with patient records and/or processing subject access requests
Skills and KnowledgeEssential
  • Good IT skills, including Microsoft Office and electronic records systems
  • Ability to apply knowledge of the Data Protection Act, UK GDPR, and Access to Health Records Act
  • Strong written and verbal communication skills
  • Excellent attention to detail and accuracy
  • Ability to prioritise workload, manage deadlines, and work under pressure
Desirable
  • Knowledge of NHS record-keeping systems (e.g. System C Careflow PAS, Civica Cito, Nervcentre EPR)
Personal AttributesEssential
  • Ability to work both independently and as part of a team
  • Professional, reliable, and approachable manner
  • Flexible and adaptable to meet service needs
  • Committed to upholding confidentiality and data protection principles
  • Willingness to undertake training and development
Demonstrates DSFS ValuesEssential
  • Responsive - Reliable - Resourceful - Respectful
  • Service Excellence Through Our People
Person SpecificationQualifications and TrainingEssential
  • GCSEs in English and Maths (Grade C / 4 or above)
Desirable
  • Training or qualifications in information governance, data protection, or records management
ExperienceEssential
  • Previous administrative experience in an office or healthcare environment
  • Experience of handling sensitive and confidential information
Desirable
  • Experience of working with patient records and/or processing subject access requests
Skills and KnowledgeEssential
  • Good IT skills, including Microsoft Office and electronic records systems
  • Ability to apply knowledge of the Data Protection Act, UK GDPR, and Access to Health Records Act
  • Strong written and verbal communication skills
  • Excellent attention to detail and accuracy
  • Ability to prioritise workload, manage deadlines, and work under pressure
Desirable
  • Knowledge of NHS record-keeping systems (e.g. System C Careflow PAS, Civica Cito, Nervcentre EPR)
Personal AttributesEssential
  • Ability to work both independently and as part of a team
  • Professional, reliable, and approachable manner
  • Flexible and adaptable to meet service needs
  • Committed to upholding confidentiality and data protection principles
  • Willingness to undertake training and development
Demonstrates DSFS ValuesEssential
  • Responsive - Reliable - Resourceful - Respectful
  • Service Excellence Through Our People

NHS