Developing standards for accountability in data stewardship

By Preethi Sundararajan

This article follows “The role of data stewards in enhancing accountability”, to chart an imagination of standards for accountability in data stewardship.

A two-fold framework for accountability is envisaged herein-first is the minimum standards which are either the bare minimum protections/responsibilities or legally mandated requirements. Secondly, enlisted below is a set of standards that serve to reinforce and strengthen the basic accountability standards already laid down as minimum standards. While meeting the minimum standards of accountability may be sufficient for anonymized, aggregated, non-sensitive data, a higher threshold for accountability by way of additional standards may be insisted upon for entities handling sensitive data such as health-related data, personal data (sexual orientation, ethnicity, religion, political beliefs, etc), genetic data and biometric data.

Minimum requirements

  • Code of Conduct — This serves as the main tool of self-regulation for the entity. Ideally, it must give an overview of the oversight mechanism, procedure for raising complaints/grievances, and whistleblower policy amongst others. It also serves as the main document that enlists the ethical considerations, principles, and objectives that guide the functioning of the organization.

Additional requirements

  • External Audit — Annual audit to be conducted by an external expert(s). The scope of the audit will not only include compliance aspects but also (and more importantly) conduct a risk assessment and suggest means for mitigation.



This article was written by Preethi Sundararajan. Preethi is a second-year M.A. (Public Policy and Governance) student at the Azim Premji University. Her interests lie in governance issues pertaining to accountability/transparency and the financial sector, and the rule of law in India.

To learn more, visit Aapti’s Data Economy Lab.

At the frontier of tech and society