Data Sharing Agreement

I’ve been lucky to work beside Alex Leigh with a number of clients over the past few years and love working with him as our skills sets are complimentary. Recently I’ve received a lot of questions on Data Sharing Agreements and I thought that Alex would be the best person to shed some light on this topic. This is what he had to say:

What are data sharing agreements and where do they fit in a Data Governance framework? On first analysis, it’s not obvious that they do! However, they are relevant when we consider the scope of that framework.

The production, manipulation and use of data outside of our organisations are often forgotten when considering data quality. We focus on internal ingress points which are mostly controlled through our own stewards and producers.

This can be a dangerous assumption as external data is far more common than we might think. It fits into two distinct areas:

– Additional data sets. These are often paid-for datasets which augment or enrich what an organisation internally holds.

– Collaborative data sets. These are mostly found in areas of shared working with other organisations. Research data is the most common of these.

A data sharing agreement (DSA) can be thought of as a data ‘passport’ assuring the quality and integrity of the flow between external and internal organisations.

This all sounds promising until we realise there is no standard data sharing agreement. This isn’t surprising when you consider the breadth of any such document. It may have a very narrow focus on data quality or a wider one including security, frequency, single or two-way flow etc. So we can see a DSA must be aligned with the business value of the data being shared.

Regardless of the breadth, any successful DSA must include:

– Quality rules and tolerances. This covers off exactly what data we are sharing, what quality expectations (both schema and business rules) are we ‘signing up’ too and how that quality is being jointly measured.

– Accountability. The bedrock of any DSA! Who is accountable for the data and at what point – if any – does this change from the external to the internal organisation.

– Breach protocols. How is that accountability used in an operational environment when the quality rules are breached?

To meet these three criteria, any DSA needs an agreed measurement and management approach. Without this, it is nothing more than a worthless paper exercise.

Now we’ve established that creating and managing a DSA is an important consideration in any Data Governance framework, where do we start? We recommend two approaches; firstly see what is being used at the moment in your organisation. It may not be fit for purpose, but it will be a basis to build on.

Secondly, consider talking to your Data Protection Officer. While the DPO will be focused primarily on Data Privacy Impact Assessments, they will have experience of working with external organisations and their guidance will certainly support you in developing new DSA’s.

You may even be able to integrate the quality and associated criteria into existing documents and processes. This is an excellent example of where Data Governance can be in support of organisational capability. And that can only be a good thing!

In summary, a DSA is not a ‘quick thing’. It needs careful consideration both in terms of development and how it will operate in practice. Done properly though it will extend your Data Governance framework outside of your organisation potentially saving much time and frustration.

If you’d like to know more about how Alex and I can help your organisation implement Data Governance (and get DSA’s in place) please get in touch here.

Nicola Askham

I am an independent data management consultant. My experience in coaching both regulatory and non-regulatory organisations to design and implement full data governance frameworks, is unique within the Data Governance field. The coaching approach enables organisations to self manage the process beyond initial implementation, leaving them with a sustainable data governance framework. My coaching and Data Governance training workshops ensures that your data governance framework is embedded as an integral part of your business as usual policy. The benefit for you is that once the framework is in place your organisation will be confident, competent and compliant. I have worked in Data Management for twelve years, initially for a leading UK Bank, before becoming a consultant at the beginning of 2009. Most recently I have spent most of my time delivering data governance for Solvency II, but I also run Data Governance Training courses and coach organisations to implement data governance themselves. I am a Director and Committee Member of DAMA UK (I lead Phase 1 of the Data Quality Dimensions Working Group), on the Expert Panel of and regularly write and present internationally on data governance best practice. I regularly present both at home and internationally. I presented at the MDM Summit, the Business Analysis Conference and the Collibra European User Group in London and Enterprise Data World, Enterprise Dataversity and the IDQ Summit in the US in 2014. I presented at the Experian Data Quality Insurance Summit in March, deliverd tutorials and presentations at the Data Governance Conference in London in May, at DGIQ in San Diego in June and presenting at the Stibo MDM event in Berlin in October. I will be presenting next at the IRMUK EDBI Conference in London in November. Specialties: Data Governance, Master Data Management, Data Quality

Have Your Say:

CIO WaterCooler