Guest Column | December 2, 2022

5 Steps To Eliminate Weak Links In Your Data Governance

By Patrick Middag and Dennie van de Voort, Deloitte


The future of life sciences efficiency and innovation, in bringing important products to market, relies on a dependable flow of agreed data, and major regulators including the European Medicines Agency and FDA have established frameworks through which this must be captured and exchanged with them. But companies need a solid plan for how that data will be governed.

The impact of any digital process transformation program relies heavily on the quality and reliability of the data that feeds into those processes. If that data is patchy, out of date, or incorrect, risks will be magnified each time someone reuses that data. Operationally, inconsistent information exchanged with the regulators will lead to noncompliance risks, risks of poor quality, and ultimately patient safety and public health risks. More strategically, it will limit companies’ ability to perform useful data analytics and to increase their business efficiency, reducing the time to market and patients.

All kinds of critical processes in life sciences now require a dependable flow of agreed data. The need to adequately record and maintain data elements — product ingredients, formulation, packaging, clinical particulars, manufacturers — from different functions requires clear alignment and consistency across the enterprise and its different product touchpoints. Furthermore, companies must keep up with ever-changing data standards.

Tackling these challenges requires effective data governance practices. However, as we have seen with clients, this is one of the most difficult and complex topics for organizations to address.

A sobering point here is the potential for mass-scale market disruption by the big data players, which have all the skills and resources to challenge the life sciences and healthcare industry head-on with their strategic use of data and analytics. For example, Google and Amazon have already started to make strides into the industry. It would not be much of a leap for these companies to enter the generics world, attract the right scientific talent, and branch out into research around innovative therapies.

This is a real wake-up call for any company currently not taking the strategic role of data as an asset seriously. So where should companies start in embedding the right mindset and everyday working practices?

1. Set A Vision & Strategy

Most pharma organizations already are aware of the role data will play in their operational and strategic future, but in most cases, there is a gap between that appreciation and what it means for managers, teams, and individuals— and for day-to-day behavior. Although there may be some level of understanding that good data is everyone’s responsibility, a lack of clarity around data ownership, and cross-company data handling and use, obscures the way forward.

First then, organizations need a clear overarching data management strategy, with cross-functional buy-in and active sponsorship from the top, typically starting with the chief data officer, chief information officer, or chief digital transformation officer. Without this, any progress with data governance and data quality will be confined to the given team or department. This will limit the benefits and undermine the potential return on investment – especially if other teams go on to duplicate or dilute the good data’s value, for example, by editing it in a way that conflicts with the correct source information or by not adhering to defined data standards.

Although regulatory teams may seem the obvious point of call for good, correct data about a product across its lifecycle, once companies start to trace that data back to its source, they begin to see that the reality is far more fragmented. The real originators of that data are likely to be chemistry, manufacturing, and controls teams or clinical research scientists, who often don’t realize that they hold a responsibility for regulated product information and who are often also unaware of the importance of their data in other processes and systems elsewhere in the company.

So senior stakeholders higher up the organization will need to sponsor an organization-wide data governance strategy, designed to foster consistent use of robust, reusable, standards-based data.

2. Assign Responsibility

With the vision in place, companies will need to define roles and responsibilities linked to data’s quality. They must also communicate data’s value to the company.

Up to now, if an issue emerges with data quality, business functions typically look no further than one or two steps forward or backward to resolve the issue. Their focus is often on the immediate use case, on how they can fix the issue to satisfy local needs or compliance requirements. There is usually no deeper investigation to ensure that information is correct at the source or how any issues with the data have arisen so that these can be avoided in future.

The lack of clarity around data ownership, data consumers, or data business purpose are typical causes of all this. Establishing a data governance structure, including appointing a data governance lead, data owners, and data stewards and establishing an interaction model and company awareness through change management efforts, will help provide that clarity and direction.

3. Communicate Data’s Value & Guidelines

Hand in hand with establishing data governance roles and responsibilities, senior stakeholders need to communicate the evolving role and value of data so that the entire organization sees and treats data as an asset to be harnessed across a range of contexts. Ultimately, everyone needs to understand what happens to data and how it is used. Everyone also must understand the importance of capturing, formatting and managing data to fit its purpose, and so they can enrich it over time. In large organizations, creating this new mindset requires a proper change management program. Defining and clearly documenting the company’s rules and preferred data standards is another important activity. Simply copying and pasting, let’s say, ISO IDMP specifications into new procedures could do more harm than good. Guidance needs to be practical, actionable, and clear so that users can absorb the new rules at a glance.

4. Consider Technology’s Role

A smarter and more involved system capability, which will be necessary for large international organizations, should automatically flag any gaps in, for example, data ownership or sources, if someone leaves. Such capability also serves as an impact assessment tool whenever changes occur to data, ensuring that the details are reflected elsewhere. This ensures data quality and compliance with data standards.

Inevitably, there will be technology considerations as part of this journey, particularly given the need for a smoother flow of consistent, compliant data between departments and across use cases. This will require appropriate data and technology architecture and integration skills.

Ultimately, though, good data governance should remain a companywide management practice, which starts with the right strategy and mindset.

5. Measure & Celebrate Success

Finally, it’s important to measure, show, and celebrate improvements to data quality over time and reduction of data quality issues to maintain momentum, e.g., by showing data quality monitoring results and/or enhanced data availability. These gains could be reported in a monthly data governance newsletter, for instance.

Of course, time and budgetary considerations will always be a factor, but it is important to have a North Star to aim for even if improvements are incremental. That is, each step should contribute to the wider goal. If the foundations are solid, the rest will flow organically.

About The Authors:

Patrick Middag is a director at Deloitte, with a focus on regulatory information management and IDMP, based in Brussels. He joined Deloitte after a career of more than 20 years in the pharmaceutical industry, including 14 years at Bristol Myers Squibb, where he was an associate director in IT for global regulatory sciences. He can be reached by email at

Dennie van de Voort, MSc, is a junior manager at Deloitte, specializing in IDMP/structured data best practice and advanced use cases for the last six years. He is based in the Netherlands. He can be reached by email at