Data Governance

Our platform is underpinned by a comprehensive data governance framework.


Security is paramount at Wessex, and we have strict policies and technical restrictions in place to ensure our clients’ data is secure and people only get access to the data they are allowed to see.

  • All data is stored in Google’s London data centres and is encrypted at rest and in transit.
  • All our Cloud Storage buckets are private and cannot be made publicly available (enforced by our organisation policy).
  • Strict IAM policies limit access to data based on the principle of least privilege, which means no-one has access to any data by default, and access has to be granted on a per user basis by Wessex operations staff.
  • All data is firewalled off at the network level using a Virtual Private Cloud (VPC) perimeter, and we maintain specific lists of IP addresses that are allowed access.
  • All client data is held in client specific Google Cloud projects which means it is ringfenced from other clients. Clients can only access data in their own projects and this is enforced by our organisation policy.

Data Quality

At each processing stage a number of checks are performed to ensure the data is accurate and has integrity. These include automated checks for duplicates, missing and abnormal values, and reconciliation checks are run to ensure the data coming out of the platform fully reconciles back to what came in. If data fails a check at any stage an alert is generated for our Business Operations team to act upon. Finally, comprehensive data quality dashboards are used by our Business Operations team to manually review and sign off data before it is released to clients.

Audit Records

We capture and maintain records of every file we process so we always know what data has been loaded onto the platform and when. These records enable us to reconcile data at each stage of processing and enable data lineage reporting, so we can trace output data back to the raw data it originated from.