Legal Compliance Officer (Data Protection) - Harlow Council

Legal Compliance Officer (Data Protection) – Harlow Council

Location, Harlow

Full time, Temporary

6 Month Contract

£35 per Hour (Umbrella)

Closing Date: Monday 15th September 2025  

Essex County Council (ECC) are delighted to be supporting Harlow Council to recruit a Legal Compliance Officer, on a full-time temporary basis. 

Please note that this post requires the successful individual to be based on site, 3 days per week. Increasing to 4 days, January 2026.

Harlow is a district of contrasts and an ideal location to both live and work. The town itself is thriving, with excellent shopping and leisure facilities for all ages. We have good road links to the M11 and M25 and excellent rail connections to London and Stansted Airport, just 35 minutes and 20 minutes away from Harlow respectively.

Job Purpose:

To support the Legal Services department with statutory and organisational compliance through the provision of general and specialised activities across all areas of the Service.

The Role:

• To have responsibility for managing requests for information received under FOIA and EIR and to respond on behalf of the Council to all hybrid FOIA requests, seeking support from the Legal Services Manager in cases of complex requests.
• To have responsibility for responding to personal data requests (Subject Access Requests) made under DPA 2018 and GDPR, seeking support from the Legal Services Manager in cases of complex requests.
• To take the lead on managing and responding to internal and third-party personal data sharing requests under DPA 2018 and GDPR, seeking support from the Legal Services Manager in cases of complex requests.
• To be responsible for undertaking processes and requirements for compliance with and reaccreditation of the Legal Service’s LEXCEL accreditation.
• To have responsibility for the processing and prompt payment of invoices in accordance with agreed timescales using the Council’s systems

Duties Include but Not Limited to –

• Access and monitor information requests received under FOIA that require the disclosure of information from multiple departments/services of the Council (“hybrid FOIA requests”) using the Council’s electronic system.
• Ensure that hybrid FOIA requests are answered within the statutory timeframes.
• Draft and send response letter and disclosure of requested information to the FOIA requestor
• Provide advice and assistance to departmental FOI officers in relation to the answering of FOIA requests and any applicable exemptions, seeking support from the Legal Services Manager in cases of complex requests.
• Access and monitor personal data requests (“Subject Access Requests”) under DPA and GDPR using the Council’s electronic system.
• Draft and send the SAR response letter.
• Ensure that personal data requests are answered within the statutory timeframes.
• Liaise with the relevant department requesting the data sharing in order to obtain further information in relation to the legal basis/exemption (if any) to allow the Council to disclose personal data from one department to another, with or without that data subject’s consent.
• Conduct file reviews ensuring LEXCEL compliance and produce an electronically generated report to the Legal Services Manager as at agreed timeframes.
• Keep and update electronic records in relation to invoices processed and paid and provide to the Council’s Finance Service within agreed timeframes.

The experience you will bring:

• Working knowledge of legal practice compliance
• Knowledge and understanding of the Data Protection Act 2018 and the General Data Protection Regulations 2016/679 (GDPR)
• Experience of dealing with and responding to Freedom of Information Requests, Subject Access Requests and third-party requests for personal data.
• Flexible with balance of office-based working and working from home (full time office working is available if desired, subject to any change in risk assessments).
• Knowledge and understanding of information governance legislation including but not limited to: Freedom of Information Act 2000, Environmental Information Regs. 2004, Data Protection Act 2018, GDPR 2016/679

What you should do next

If you are interested in finding out more about this role, we would love to hear from you. Please apply via the Working for Essex website. If you have any queries relating to this post please email Ashleigh.Drake@essex.gov.uk