1. The governance tier states the rules to follow, accountabilities, the agreed model(s) to use, who has access and to what, how decisions are made about access and use, where data is stored, when it is deleted, and what costs are involved.
2. The technical tier states the standards to adhere to – data structure, data security, and potentially the technology stack or APIs.
3. The legal tier sets out the legal agreements, specifically data sharing agreements and for what purpose the data can be used. It can also include reference to data protection regulations and legal basis for data use.
4. The data tier articulates what data is involved, how it should be collected, by whom, and for what purpose.

Photo by Tuệ Nguyễn