Skip to main content

The Data Governance Act

A key pillar of the European digital strategy — the Data Governance Act (DGA) — aims to increase trust in data sharing, strengthen mechanisms to increase data availability, and overcome technical barriers to data re-use.

 A key pillar of the European digital strategy — the Data Governance Act (DGA) — aims to increase trust in data sharing, strengthen mechanisms to increase data availability, and overcome technical barriers to data re-use.

The DGA came into force in June 2022 and became applicable from 24 September 2023.

The initiative aims to make more data available and facilitate its sharing across European Union sectors and countries in order to harness the potential of data for the benefit of European citizens and businesses. The EU hopes that this will also lead to a reduction in time-to-market for novel products and services, as this will enable small and large firms alike to develop new data-driven products and services.

The EU will promote the development of reliable data-sharing systems through four measures that will:

  • Facilitate the re-use of certain public sector data that cannot be made available as open data.
  • Ensure that data intermediaries function as trusted organisers.
  • Make it easier for citizens and businesses to make their data available for the benefit of society.
  • Facilitate data sharing, in particular to make it possible to use data across sectors and borders, and to make it possible to find the right data for the right purpose.

How should organisations respond to the Data Governance Act?

Organisations will need to assess the impact of the DGA on their business and business model, identifying where changes are needed and where further attention needs to be paid to current processes.

Trusted advisers can help organisations understand how the DGA can be applied within their existing framework by:

  1. Building a strong and strategic programme for data governance. Developing data governance policies, procedures, and organisational structures to ensure proper data management and protection.
  2. Assessing the organisation’s existing data governance practices and policies to identify gaps and ensure alignment with the act requirements, providing recommendations, and actions plans for compliance.
  3. Defining requirements, such as how to re-use certain categories of data held by public sector bodies within the EU.
  4. Designing frameworks for the provision of data intermediation services.

A comprehensive plan that covers all the upcoming legislation covered by the EU’s digital strategy can create opportunities as well as mitigate risk. Read more about the impact of the Digital Markets Act.

Sign-up for the series and stay informed

This is just the second episode in our insightful and informative series “Prepared for the unexpected: the dynamic risks series”. If you would like to be notified when the next instalment is available click here.

The article is for information purposes only. Marsh makes no representation or warranty as to its accuracy. Marsh shall have no obligation to update the article and shall have no liability to any party arising out of this document or any matter contained herein. Any statements concerning actuarial, tax, accounting, labour, or legal matters are based solely on our experience as insurance brokers and risk consultants and are not to be relied upon as actuarial, tax, accounting, labour, or legal advice, for which clients should consult their own professional advisers. Any analysis and information are subject to inherent uncertainty, and the article could be materially affected if any underlying assumptions, conditions, information, or factors are inaccurate or incomplete or should change. Although Marsh may provide advice and recommendations, all decisions regarding the measures should be adopted are the ultimate responsibility of the client.