Collection Governance code of practice: demand-side
Please note, the Collection Governance pages are still available for your reference but the consultation has now been closed. Please refer to the Codes of practice in the Data Landscape Steering Group for the most up-to-date information on data governance.
Data collectors need data at the right time, at the right quality and with the assurance it is fit for purpose for the stated use case(s). They must also be sensitive to the burden of the requests they make. Therefore, requirements should genuinely reflect the necessary and sufficient characteristics, events and objects to be analysed to the best of the Data Collector’s ability. Processes and systems to define requirements, determine scope, evaluate impact, and justify and approve change should be designed to be implemented with the minimal burden.
Data collectors should be transparent in all discussions of the requirement, and not withhold information that bears on its accuracy or interpretation. Data suppliers should be informed promptly if errors are found in the specification after it has been released, or in the data after it has been collected.
The principles are interpreted in this way:
Honesty: Be clear and transparent about current and future use cases. This defines the value of the requirement as does an assessment of doing nothing. A definition of appropriate quality is key, as this characteristic most affects the cost and complexity of collection and the associated burden.
Guidance: Must adhere to regulatory frameworks for data, including but not limited to, the Data Protection Act, the General Data Protection Regulation, the Freedom of Information Act, the Equalities Act, and the UK Statistics Code.
Impartiality: Data requirements must be treated with impartiality and objectivity for their definition, scope, approval, implementation, analysis and publishing. These activities should not ever be influenced by organisational, political or personal interests. Data Collectors should implement controls to ensure that those dealing with data are protected from such interests.
Guidance: Engage in governance process to develop a co-designed solution. Develop metrics to define the success of that solution. Engagement with and understanding of quality requirements is essential, as these characteristics are responsible for the majority of burden, cost, and complexity, of data collection.
Rigour: Repeatable, auditable and documented processes are mandatory for data being defined, scoped, approved, implemented, and analysed. Data definitions should align with relevant published standards; the use of any non-standard definitions or duplicating existing items must be supported by a strong rationale.
Burden assessment must be undertaken through use of a best practice methodology. The output of which creates a publicly available impact assessment for review and challenge. This assessment should demonstrate diligence around minimising any increase in burden for implementation and ongoing operation.
When processes change, records should be kept of previous versions. Estimates and assumptions made as part of interpreting the data as part of onward use should be:
- impact assessed,
- reviewed regularly.
Guidance: Be able to justify decisions from an informed position of the impact. Undertake a form of burden assessment to ensure transparency and trust.