When organisations come together to discuss data, you could easily create a game of bingo. Grab your bingo card and instead of numbers, randomly write down: sharing, interoperability, GDPR, security, blockchain, immunity, legal, minimisation, deduplication, fraud, unique ID, system, change, and so on. Then sit back and listen. I’m sure you’ll have fun.
Whenever organisations come together to discuss data, concerns about legal jurisdiction arise frequently. There will be different interpretation of the law in the room and discussions about who does (and doesn’t) need to abide by which law. And then if the UN is in the room, immunity will be held up.
The option of a data trust, which I’ve discussed many times before, could help the challenge. However, there will always be questions of liability and the immunity would need to be laid aside. And that is unlikely to happen in this century.
So where does that leave us? Are we destined to remain stuck in our organisational silos only dreaming of a better way? The challenge is often that organisations have the data in their systems which are governed by their policies. And they are not interested in changing their policies. Therefore they feel stuck.
So if the data or at least parts of it were not in the organisation, would that help? And no, this time around, I’m not talking about a trust. If the data we collect about people could be used by organisations, but held in a place the individual, about whom the data is, had the ability to control, could they be the point of sharing? This is part of the decentralised model.
And yes, this would need to be done wisely and carefully; there would be issues to work through. And yes, it might not work. But that is true whenever we try something that we haven’t done before. However, if we don’t (wisely) try new things, well, then we stay in our current situation and we probably should stop talking about it.
The choice is up to us.