skip to main content
Close Icon We use cookies to improve your website experience.  To learn about our use of cookies and how you can manage your cookie settings, please see our Cookie Policy.  By continuing to use the website, you consent to our use of cookies.
Global Search Configuration


“Grey data” -- data related to health and well-being but not protected by healthcare legislation -- creates complex data privacy concerns because it is frequently handled by the enterprise yet no concrete guidelines exist for its management.


  • Protecting privacy and increasing individual control over grey data collection can actually increase the quality and value of data.
  • Regional data privacy regulations can provide a useful template for grey data management policies, particularly when the strictest regulations are chosen as models.
  • The presence of consent and a process for obtaining consent are critical to ethical collection and use of grey data within the enterprise.

Features and Benefits

  • Identifies common sources of grey data within the enterprise and highlights best practices for management.
  • Assesses the impact of current data collection and consent practices on the long-term relationships with customers.
  • Evaluates regional regulation for PII (personally identifiable information) and assesses how these standards can be applied to grey data management.
  • Identifies current practices and methodologies in data collection that harm the user experience and hamper consumer trust.
  • Compares "quantity versus quality" approaches to grey data collection, as well as their implications for privacy.

Key questions answered

  • What is grey data, and what are the potential sources of grey data within the enterprise?
  • How do regional regulations for PII provide a useful model for building best practices for grey data management?
  • How can increasing privacy and consumer control over data build trust and increase overall data quality?
  • Why are current consent methodologies not sufficient for grey data collection in the IoT era?
  • What actions can the enterprise take to protect against potential future regulation of grey data?

Table of contents


  • Catalyst
  • Ovum view
  • Key messages


  • Recommendations for enterprises
  • Recommendations for vendors

Grey data is increasingly common, and is woven between work and personal life

  • Grey data is data related to health and well-being, but not protected by traditional healthcare privacy protections
  • Because of its sensitive nature, grey data is particularly susceptible to security breaches and misuse
  • The enterprise has varying degrees of control over different grey data sources

Regional data privacy regulations can provide a useful template for global grey data policies

  • The strictest regional standards for PII set a good example for management, and protect against future regulation
  • The enterprise needs to ensure that existing requirements for PII are being met
  • Security best practices need to be an integral part of grey data best practices

Consent, and the process of obtaining it, is critical to the ethical use and management of grey data

  • Current consent processes are frequently combative in nature, and do not scale well
  • When it comes to grey data consent, "opt-in" is in
  • The "all or nothing" approach to data collection and consent does not work well with grey data

Increasing individual control over data collection can actually increase the quality and value of data

  • Building trust in data practices builds better, more profitable long-term relationships
  • Giving users more control over the data they share results in higher-quality data


  • Methodology
  • Further reading
  • Author

Recommended Articles

  • Service Provider Markets, Consumer & Entertainment Services,...

    MWC 2018 Highlights

    By Ronan De Renesse 27 Feb 2018

    Over 20 of our senior Ovum analysts and consultants attended this year’s Mobile World Congress in Barcelona at the end of February. In between meetings, briefings and presentations, our analyst team were blogging and tweeting about key developments, trends and rumors. Have a look through our daily MWC 2018 Highlights to find out what happened.

    Topics 5G AI IoT Cloud Payments SDN/NFV Smart home

  • Internet of Things

    IoT Viewpoints 2018

    IoT Viewpoints explore the IoT opportunity in 2018 and beyond. Download our latest e-book to get our newest collection of thought leadership articles on the emerging IoT trends, technologies and opportunities.

    Topics IoT

  • Consumer & Entertainment Services

    US pay TV: Is it facing an existential threat?

    By Adam Thomas 28 Mar 2018

    With US pay TV having endured the worst year in its history, thoughts have inevitably turned to the future. The likelihood remains that the immediate future will remain highly uncomfortable for everyone except the scaled multinational digital platforms.


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

Email us at

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 788 597 5160 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now