By Marcus Grazette, Europe Policy Lead at Privitar
Introducing Policy Perspectives, our quick reactions to events as they unfold and reports as they are published. You’ll find more in-depth analysis in our longer blog posts and in our whitepapers, but Policy Perspectives gives you the essentials as our quick response to changes in the policy world related to data privacy and protection.
The Ada Lovelace Institute and The Royal Society published their review of data sharing lessons from the COVID-19 pandemic. My key takeaway is around ‘data readiness’, in other words, the need to build systems and processes necessary to enable organizations to rapidly share data. The review considers data readiness in a public sector and health research context, but it can apply equally to any organisation’s internal data sharing or data access arrangements, such as to support data-driven decision making or analytics.
The review cites HDR UK’s Innovation Gateway and the London Datastore as examples of data readiness initiatives. They allow governance mechanisms, data request processes, and so on, to be developed up front and activated quickly when needed. The same logic is driving commercial initiatives (as we’ve seen through our work with ABN AMRO) to ensure timely access to data for internal projects.
The review highlights the importance of good metadata, which meant that health researchers knew what to expect from the data and what process to follow to access it. This enabled researchers not already embedded in the health community to contribute rapidly. Similar considerations apply in a business context. Good metadata means analysts can understand and find the data they need, reducing time to data.
The review says that “nervousness about compliance sometimes meant that data was not shared when it could have been” and suggests that template data sharing agreements might help. I agree. Investing up front in robust processes to govern access to data can help organizations to manage legal uncertainty. The process, which will include internal checks and balance and be based on a clear understanding of the data (informed by metadata), helps to mitigate the legal risks associated with using data.