Request Demo
Platform CapabilitiesPolicy Creation and ManagementFile Sharing and CollaborationFile Transfer AutomationFully Governed Email DataData Streaming with Next-gen DRMControlled AI Data AccessSecure Data Intake Via Online FormsUse CasesControl Data ExchangeMeet Regulatory RequirementsSafeguard Private AI DataPartnersTechnology PartnersMSP & MSSP PartnersResellers & Channel PartnersResourcesResource CenterDevelopersCustomersCompanyAbout UsManagementInvestorsCareersTechnical SupportNewsroomTrust PageVulnerability CenterContact UsRequest Demo
Mouseover to personalize your Kiteworks website experience

EU Data Governance Act (DGA)

Foster trusted data sharing through certified data intermediaries, public sector data reuse, and voluntary data altruism to accelerate European data economy growth.

DGA Content

How Kiteworks Supports EU Data Governance Act Compliance

The EU Data Governance Act (DGA) establishes a framework for trusted data sharing across the European Union, creating mechanisms to increase data availability while maintaining high standards of privacy and security. As the first major legislative deliverable of the European Data Strategy, the DGA introduces novel concepts including data intermediary services, public sector data reuse conditions, and voluntary data altruism organizations. Kiteworks provides the secure infrastructure organizations need to participate in the European data economy while meeting DGA requirements.

Understanding the Data Governance Act

The DGA addresses the challenge of making more data available for economic and societal benefit while ensuring that data sharing occurs under trusted conditions. The regulation creates a governance framework rather than establishing direct data access rights, complementing other EU data legislation including the GDPR, the Data Act, and sector-specific data sharing regulations.

The Act applies to the reuse of publicly held data, data intermediary services, data altruism organizations, and the European Data Innovation Board that coordinates data governance across member states.

Data Intermediary Services

The DGA creates a notification framework for data intermediary services that facilitate data sharing between data holders and data users. Kiteworks supports organizations operating as or engaging with data intermediaries through:

  • Neutral data exchange platforms that facilitate sharing without using the data for other purposes, maintaining the structural separation required by the DGA
  • Secure data rooms enabling controlled access to shared datasets with granular permission management and comprehensive audit logging
  • Consent management infrastructure supporting personal data intermediaries that help individuals exercise their GDPR rights within data sharing frameworks
  • Interoperability capabilities enabling data intermediaries to connect with multiple data sources and recipients across different platforms and jurisdictions

Public Sector Data Reuse

The DGA establishes conditions for reusing certain categories of publicly held data that are subject to rights of others, including personal data, intellectual property, and commercial confidentiality. Kiteworks supports compliant data reuse through:

  • Secure processing environments that enable analysis of sensitive public sector data without exposing the underlying personal information
  • Access control frameworks ensuring that reuse conditions, including non-disclosure agreements and purpose limitations, are technically enforced
  • Anonymization and pseudonymization tools that prepare public sector datasets for reuse while protecting individual privacy
  • Audit trails documenting all data reuse activities for regulatory oversight and accountability

Data Altruism

The DGA introduces the concept of data altruism, enabling individuals and organizations to voluntarily make their data available for objectives of general interest such as scientific research, public health, and environmental protection. Kiteworks supports data altruism initiatives by providing secure channels for voluntary data contributions, consent management for altruistic data sharing, and protected storage environments for altruistically shared data.

Organizations registered as recognized data altruism organizations must meet transparency, governance, and security requirements. Kiteworks helps these organizations maintain the necessary operational standards through comprehensive security controls, transparent data handling practices, and regular reporting capabilities.

European Data Innovation Board

The DGA establishes the European Data Innovation Board to facilitate best practices in data governance across member states. Kiteworks supports organizations in implementing the Board's recommendations through configurable governance frameworks, standardized data sharing protocols, and compliance monitoring tools that adapt to evolving guidance.

Security Requirements and Trust Frameworks

Trust is fundamental to the DGA's vision of a thriving European data economy. Kiteworks builds trust through:

  • End-to-end encryption protecting data during all sharing, transfer, and storage operations
  • Identity verification ensuring that data sharing participants are properly authenticated and authorized
  • Purpose limitation enforcement technically restricting data use to agreed-upon purposes
  • Cross-border security maintaining consistent protection levels when data is shared across EU member state boundaries
  • Compliance documentation generating evidence of adherence to DGA requirements for regulatory authorities

Integration with the EU Data Ecosystem

The DGA operates within a broader ecosystem of EU data legislation. Kiteworks helps organizations navigate the interactions between the DGA, GDPR, Data Act, and sector-specific regulations by providing unified compliance management, consistent security controls, and integrated reporting across multiple regulatory frameworks. This holistic approach ensures that data governance practices meet all applicable requirements without creating operational complexity.