Transparency data

DSA Peer Review Group Minutes Tuesday, 28 April 2025 (HTML)

Updated 22 May 2025

© Crown copyright 2025

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/meeting-minutes-for-the-data-standards-authority-governance-boards/dsa-peer-review-group-minutes-tuesday-28-april-2025-html

Attendees

  • Jenny Brooker, Chair  (DSIT)
  • John Olatunji (GDS)
  • Firoze Salim (GDS)
  • Idris Malji (GDS)
  • Murat Soncul (GDS)
  • Suzanne Fry (DSIT)
  • Peran Ainscliffe (DEFRA)
  • Matt Thompson (UKHSA)
  • Shona Nicol (The Scottish Government)
  • Matthew Webber (DEFRA)
  • Neil Cholerton (HO)
  • Marcus Stewart (TPR)
  • Kiran Mistry (GDS)
  • Ade Lawal (HMT)
  • Owen Evans (DWP)
  • Ricky Russell (GDS)
  • Philip McGinness (FCDO)
  • Andrew Newman (ODI)
  • James Hutchings (DFT)
  • Gavin Ajomale-Evans (DVLA)
  • Nick Keen (EA)
  • Graham McKenna (DWP)
  • Tom Chaloner (ES)
  • Jasbinder Singh (CO)
  • Myles Richardson (CH)
  • Jordan Dale (MHCLG)
  • Rebecca Russell (EA)
  • Molly Adamat (HMT)
  • Carla Jones (DVLA)
  • Hakem Abdullah (DVSA)
  • Megan Clokey (DCMS)
  • Sian Thomas (Business and Trade)
  • Teslim Abass (GDS)
  • Helen Balmforth (HSE)
  • Ben Hardie (HMT)
  • Lee Rob (HMRC)

Record of discussions

1. Welcome, introductions and agenda - Jenny Brooker JB, Chair  (GDS)

Jenny opened the meeting by welcoming all attendees and thanking them for their time. JB acknowledged the importance of the session and the 3 agenda items around Essential Shared Data Assets (ESDA) and Data Ownership Model, Trust Framework for the Public Sector Data Sharing and Personal Data Processing Principles. JB encouraged active participation and input from all members to ensure a productive session.

2. ESDA’s and Data Ownership Model - Firoze Salim, FS (GDS)

Notes:

FS opened his segment, highlighting the long-standing work through the Data Standards Authority (DSA) related to data criticality and data ownership models.

  • FS provided a brief history of the DSA’s work to develop and trial the ESDA and data ownership model.
  • FS updated the group that following the review of the Beta both artefacts had been updated and required final review before seeking approval from appropriate governance groups for publications
  • The artefacts have been revised based on participant feedback, with an emphasis on plain language and user needs, facilitated by collaboration with content writer Ricky Russell, RR (GDS).
  • FS invited the group to provide feedback by 2nd May to ensure the artefacts effectively reflect stakeholder views, particularly in relation to metadata guidance and ownership principles. FS assured the group that there would be further opportunities to review the artifacts before they are expected to be published in late May/early June.

Questions and Answers:

Matt Thompson, MT (UKHSA) raised concerns about the visibility of metadata within the Data Marketplace, specifically regarding the public naming of data owners.

Some departments have policies that prevent staff names from being made publicly visible.

  • MT asked whether access to metadata will require a government email or if it would be more broadly accessible.

Response from FS:

  • Departments have flexibility in how contact details are published.
  • Where direct naming of individuals is not suitable, a generic “data front door” email address can be used instead of specific names.

Further input from JB: - In the private beta, participating organisations implemented either: - A dedicated team to manage data access requests, or - A monitored generic inbox tied to data owners/stewards.

This structure allows departments to retain internal ownership while ensuring there is clear external access for data sharing enquiries via a managed contact point.

MT asked whether the guidance applies to organisations like NHS England, given their evolving relationship with central government.

Response from FS:

  • Currently, the scope focuses on central government departments.
  • There are planned discussions with DHSC and health bodies to explore how the framework can be extended to NHS data.
  • The approach is phased to ensure foundational maturity in central departments before broader application.

MT noted that within UKHSA, disease surveillance data is now considered part of the intelligence profession. He queried whether this data would fall under the ‘intelligence data’ classification in the guidance.

Response from FS:

  • The framework focuses on data classified as ‘official’ or ‘P2’, not secret or above.
  • Disease surveillance data would fall within scope if it meets this classification.
  • The definition of “resilience” in the guidance has been intentionally kept broad, following engagement with the Cabinet Office, to capture a wide range of high-value datasets relevant to national preparedness and recovery.
  • Peran Ainscliffe, PA (DEFRA) underscored the necessity for clear accountability within data ownership, asserting the importance of having identifiable contacts for data assets to ensure compliance and quality.
  • FS acknowledged the importance of addressing orphaned data assets and the need for named data owners to ensure accountability.

Actions:

  • JB reminded participants of the upcoming feedback deadline for the revised artefacts, with emphasis on the importance of their contributions in enhancing the guidance.
  • Additional findings and an outline of the journey ahead will be presented in future meetings, allowing for a collaborative approach to finalising the artefacts.

3. Trust Framework for the Public Sector Data Sharing - Murat Soncul, MS (GDS)

Notes:

JB Introduced MS the Head of Data Protection and Privacy at GDS, focused on the UK government and public sector.

  • MS opened the discussion on the ongoing development of the Trust Framework, reiterating its significance as previously highlighted by JB.
  • MS highlighted that maintaining public trust while increasing data access is a significant challenge.
  • MS recognised the need to build trust not only with the public but also among civil society and stakeholders such as data owners and users in various departments.
  • MS acknowledged that trust is difficult to earn, maintain, and restore once lost, particularly in the context of public concerns regarding data breaches and misuse of information.
  • Discussed the public’s perception, stating that many believe more data sharing occurs than what is actually happening.There are varying levels of trust in different organisations, often influenced by negative media coverage concerning data security issues.
  • MS pointed out inconsistencies in addressing public concerns and differing expectations among internal stakeholders across departments.
  • MS emphasised the need to ensure that new developments comply with data protection law, ethical standards, and effective data governance practices.
  • Mentioned the challenge of navigating multiple specialist standards, which can overwhelm data users and owners.
  • MS proposed actions to create a standardised approach that fosters lawful, secure, fair, and transparent use of data assets.
  • Highlighted transparency and accountability as crucial elements in building trust within the framework.
  • Discussed the importance of clear roles and responsibilities in data sharing governance, ensuring that users understand ownership and accountability.
  • Stressed the need to learn from previous initiatives to determine effective practices and rectify shortcomings.
  • Confirmed an iterative approach involving stakeholder contributions, with plans to conduct research and gather examples of good practices in data sharing.
  • Highlighted the importance of leveraging existing standards and frameworks, like the Data Ethics Framework in the development of the trust framework.
  • Stressed the integration of data protection and privacy principles in all aspects of data sharing, ensuring these become central to the design and implementation processes.
  • Discussed the need for privacy-enhancing technologies and the importance of reducing reliance on personal data whenever possible.
  • MS mentioned the incorporation of independent oversight to assess public benefits and the robustness of data sharing safeguards.

Questions and Answers:

  • MT noted parallels with discussions at Open Data Camp and expressed concerns about the potential barriers to data accreditation, calling for a balanced approach to managing accreditation processes to prevent exclusion of organisations.
  • Gavin Ajomale-Evans, GAE (DVLA) inquired about upcoming consultation opportunities with departments before the end of June, expressing willingness to facilitate any necessary discussions.
  • James Hutchings, JH (DFT) shared insights from the DfT rail data marketplace, suggesting potential learnings related to data quality and stakeholder engagement.

Actions:

  • JB acknowledged the importance of measuring the impact of data sharing initiatives and suggested establishing central coordination for tracking agreements and impacts.

4. Personal Data Processing Principles - Alex Smith, AS (GDS) and James Freeland, JF (GDS)

Notes:

JB apologised for AS and JF for being absent and expressed that AS and JF would be available for the next meeting to discuss it further. JB  introduced John Olatunji, JO (GDS) to provide an overview and any pressing requests for the group.

  • JO noted that the main requests would be addressed in the subsequent slides but indicated a lack of time for a thorough review. He referenced ongoing work by AS and JF regarding personal data processing principles.
  • JO stated the intention to document these principles and encouraged group involvement in this process.
  • The eighth draft of the principles has been shared, and feedback is sought from the group to facilitate updates to the guidance.

Actions:

  • JO outlined the aim to publish a data-sharing risk framework alongside a standard approach to quantifying data-sharing risk across government.
  • JO reiterated the main ask of the group is to provide feedback and comments via email to AS.

5. AOB and Close: - Jenny Brooker, Chair

  • JB: thanked all participants for their time and contributions during the meeting and invited anyone with AOB to share their comments in the chat.
  • Clarified that the chat would remain open for participants who do not have policies preventing access after the meeting concludes.
  • Encouraged attendees to review the documents that have been shared and to provide feedback to FS by Friday.
  • Emphasised the importance of submitting feedback to ensure the documents are as close to final versions as possible for sign-off.

JB closed the meeting by reaffirming the commitment to strengthening cross-government data governance and the importance of groups such as PRG.

Back to top