Information Governance and Data Protection Officer

The Arden & GEM IG Team provides support, guidance, and advice to assist practices in maintaining compliance with IG legislation, NHS protocol and guidance. Support is delivered by an experienced team of IG Managers who are qualified to Foundation and Practitioner level in UK Data Protection Act 2018, encompassing all aspects of common-law duty of confidence, information security, DSP Toolkit and Caldicott standards. They work very closely with, and are aligned to, other IT services to provide assurance to GP practices of overall IG compliance.

Information Governance focussed areas of support include:

  • Advice and support to the Data Protection Officer as part of the overall IG Support Service.
  • Expert advice around GDPR and DPA 2018.
  • Advice on National Security Directive and National Data Security Standards.
  • Advice and support to GP Practice to complete the DSP Toolkit (formerly IG Toolkit).
  • Review of the current IG policies for GP practices.
  • IG training (over and above the online module) to GP practices, if requested.
  • Support and advice for managing and investigating IG breaches and significant events / incidents.
  • IG advice to projects, including the review of DPIAs and Data Sharing Agreements prior to DPO approval.
  • Support and provide advice for managing and investigating IT significant events / incidents that may have IG implications for GP practices.
  • An annual review of processes which have caused an IG breach or near miss and advise affected GP practices where improvements could be made.

The DPO focussed areas of support include:

  • Support to GP practice for data protection queries.
  • Provision of independent and highly developed specialist knowledge and advice to GP Practices to ensure they remain compliant with changing legal requirements, including the General Data Protection Regulations (GDPR).
  • Independent risk-based advice to GP Practices to support decision making in the appropriateness of locally implemented Data Protection Impact Assessments (DPIA) for processing personal and other types of data within the principles and rights laid down in the GDPR and national legal requirements for regional projects.
  • Review and approval of DPIAs and DSAs on behalf of GP practices.
  • Advice on complex, sensitive or contentious GDPR and data protection issues and information sharing issues.
  • Acting as the point of contact for data protection issues and co-operation with with the Information Commissioners Office (ICO).
  • Consulting with the Information Commissioner’s Office (ICO) where proposed processing poses a high risk in the absence of proposed mitigations.
  • Provision of a quarterly DPO activity report provided to CCGs covering GP practices data protection activity, without prior oversight of the practice.

Frequently asked questions about our Information Governance service:

How will I contact IG Service/DPO function?

In the first instance, please email us at

Alternatively, you can also contact the Service Desk via the normal number and choose the appropriate option:

  • You can call us on 0345 0348690
  • Email us at
  • You can use the live chat function on our website
  • You can register for our support portal to log and track your incidents
Who is our new named DPO?

The named DPO for the service is Judith Jordan, who leads a team of practitioner trained Data Protection Officers.

How can I contact the Data Protection Officer?

The DPO function is a 9 to 5 support service and can be accessed via email or telephone. Emails from practices must be sent from an ‘’ email only, with a subject line reading ‘GP-DPO-[query]-[name of practice]’ and must contain an email signature with the full name, role and contact details of the sender.

How this service compare to the service that we use to receive?

The service/support we provide GP practices offers a greater depth of knowledge and support for IG and DPO related issues and queries.  Arden & GEM currently provide IG and DPO services to nearly a thousand GP practices across the nation.  Hampshire and the IOW will benefit from highly experienced and trained staff in Information Governance and Data Protection. Our team are all Foundation and Practitioner trained in GDPR and Data Protection and will provide GP practices with the support they need for IG and DPO matters.