To set the necessary policies and regulations for data classification, data sharing, data privacy, freedom of information, open data, and other areas in anticipation of necessary legislation, the National Data Management Office (NDMO), the national regulator of data in the Kingdom, developed the National Data Management and Personal Data Protection Standards (the “Standards”) for national data governance for government entities.

15 Data Management and Personal Data Protection domains are covered by the Standards. Saudi's public entities must implement the Standards. In addition to public entities, the scope of the Standards also extends to business partners handling government data. Such business partners are responsible for understanding and applying the Standards to all government data assets within their control and custody.

Furthermore, all forms and types of government data, including paper records, emails, data saved electronically, voice recordings, films, maps, pictures, scripts, handwritten documents, and other recorded data, are covered by the Standards.