{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T21:33:51Z","timestamp":1773092031082,"version":"3.50.1"},"reference-count":32,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T00:00:00Z","timestamp":1772841600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Data"],"abstract":"<jats:p>Modern organizations increasingly rely on heterogeneous database environments that combine relational, document-oriented, and key-value storage systems to optimize performance for diverse application requirements. However, this technological diversity creates significant challenges for implementing consistent data governance policies, regulatory compliance, and access control across disparate systems. Traditional governance approaches that operate within individual database silos fail to provide unified policy enforcement and create compliance gaps that expose organizations to regulatory and operational risks. This paper presents a novel API-driven architecture that enables unified data governance across heterogeneous database environments without requiring database-specific modifications or vendor lock-in. The proposed framework implements a centralized governance layer that coordinates policy enforcement across PostgreSQL, MongoDB, and Amazon DynamoDB systems through RESTful API interfaces. Key architectural components include differentiated access control through hierarchical API key management, automated compliance workflows for regulatory requirements such as GDPR, real-time audit trail generation, and comprehensive data quality monitoring with automated improvement mechanisms. Comprehensive experimental evaluation demonstrates the framework\u2019s effectiveness across multiple operational dimensions. The system achieved 95.2% accuracy in access control enforcement across different data classification levels, while automated GDPR compliance workflows demonstrated 98.6% success rates with average processing times of 2.9 h. Performance evaluation reveals acceptable overhead characteristics with linear scaling patterns for PostgreSQL operations (R2 = 0.89), consistent sub-20ms response times for MongoDB logging operations, and sustained throughput rates ranging from 38.9 to 142.7 requests per second across the integrated system. Data quality improvements ranged from 16.1% to 34.3% across accuracy, completeness, consistency, and timeliness dimensions over a 12-week monitoring period, with accuracy improving by 17.8 percentage points, completeness by 13.2 percentage points, consistency by 19.7 percentage points, and timeliness by 24.5 percentage points. The duplicate detection system achieved 94.6% precision and 95.6% recall across various duplicate types, including cross-database redundancy identification. The results demonstrate that API-driven governance architectures can effectively address the persistent challenges of policy fragmentation in multi-database environments while maintaining operational performance and enabling measurable improvements in data quality and regulatory compliance. The framework provides a practical migration path for organizations seeking to implement comprehensive governance capabilities without replacing existing database infrastructure investments.<\/jats:p>","DOI":"10.3390\/data11030054","type":"journal-article","created":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T11:06:52Z","timestamp":1773054412000},"page":"54","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Unified Data Governance in Heterogeneous Database Environments: An API-Driven Architecture for Multi-Platform Policy Enforcement"],"prefix":"10.3390","volume":"11","author":[{"given":"Maryam","family":"Abbasi","sequence":"first","affiliation":[{"name":"Escola Superior de Gest\u00e3o e Tecnologia de Santar\u00e9m, Polytechnic Institute of Santar\u00e9m, 2001-904 Santarem, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1745-8937","authenticated-orcid":false,"given":"Paulo","family":"V\u00e1z","sequence":"additional","affiliation":[{"name":"Research Center in Digital Services, Polytechnic Institute of Viseu, 3504-510 Viseu, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7285-8282","authenticated-orcid":false,"given":"Jos\u00e9","family":"Silva","sequence":"additional","affiliation":[{"name":"Research Center in Digital Services, Polytechnic Institute of Viseu, 3504-510 Viseu, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3916-5182","authenticated-orcid":false,"given":"Filipe","family":"Cardoso","sequence":"additional","affiliation":[{"name":"Escola Superior de Gest\u00e3o e Tecnologia de Santar\u00e9m, Polytechnic Institute of Santar\u00e9m, 2001-904 Santarem, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7846-8397","authenticated-orcid":false,"given":"Filipe","family":"S\u00e1","sequence":"additional","affiliation":[{"name":"ISEC\u2014Coimbra Institute of Engineering, Polytechnic University of Coimbra, 3030-199 Coimbra, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2118-1440","authenticated-orcid":false,"given":"Pedro","family":"Martins","sequence":"additional","affiliation":[{"name":"Research Center in Digital Services, Polytechnic Institute of Viseu, 3504-510 Viseu, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2026,3,7]]},"reference":[{"key":"ref_1","unstructured":"Croft, W.B., Metzler, D., and Strohman, T. (2010). Search Engines: Information Retrieval in Practice, Addison-Wesley."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1038\/s41746-019-0158-1","article-title":"Why Digital Medicine Depends on Interoperability","volume":"2","author":"Lehne","year":"2019","journal-title":"npj Digit. Med."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"1977","DOI":"10.1126\/science.287.5460.1977","article-title":"Genomic Medicine and the Future of Health Care","volume":"287","author":"Mandl","year":"2000","journal-title":"Science"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Voigt, P., and Von dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR): A Practical Guide, Springer International Publishing.","DOI":"10.1007\/978-3-319-57959-7"},{"key":"ref_5","unstructured":"Press, G. (Forbes, 2016). Cleaning Big Data: Most Time-Consuming, Least Enjoyable Data Science Task, Survey Says, Forbes."},{"key":"ref_6","unstructured":"Gartner, Inc. (2024, March 15). How to Improve Your Data Quality. Available online: https:\/\/www.gartner.com\/smarterwithgartner\/how-to-improve-your-data-quality."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"79","DOI":"10.1145\/269012.269025","article-title":"The Impact of Poor Data Quality on the Typical Enterprise","volume":"41","author":"Redman","year":"1998","journal-title":"Commun. ACM"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"ooad068","DOI":"10.1093\/jamiaopen\/ooad068","article-title":"Integrating Row Level Security in i2b2: Segregation of Medical Records into Data Marts Without Data Replication and Synchronization","volume":"6","author":"Bialecki","year":"2023","journal-title":"JAMIA Open"},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"100699","DOI":"10.1016\/j.simpa.2024.100699","article-title":"PostgREST Data Provider for React-Admin: Bootstrap the Creation of User Interfaces on Top of PostgreSQL Databases","volume":"21","author":"Scheible","year":"2024","journal-title":"Softw. Impacts"},{"key":"ref_10","unstructured":"DAMA International (2017). DAMA-DMBOK: Data Management Body of Knowledge, Technics Publications. [2nd ed.]."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"101493","DOI":"10.1016\/j.giq.2020.101493","article-title":"Data Governance: Organizing Data for Trustworthy Artificial Intelligence","volume":"37","author":"Janssen","year":"2020","journal-title":"Gov. Inf. Q."},{"key":"ref_12","unstructured":"Otto, B. (2011, January 9\u201311). A Morphology of the Organisation of Data Governance. Proceedings of the 19th European Conference on Information Systems (ECIS), Helsinki, Finland."},{"key":"ref_13","first-page":"424","article-title":"Data Governance: A Conceptual Framework, Structured Review, and Research Agenda","volume":"49","author":"Abraham","year":"2019","journal-title":"Int. J. Inf. Manag."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"148","DOI":"10.1145\/1629175.1629210","article-title":"Designing Data Governance","volume":"53","author":"Khatri","year":"2010","journal-title":"Commun. ACM"},{"key":"ref_15","first-page":"872","article-title":"Revisiting Polyglot Persistence: From Principles to Practice","volume":"13","author":"Lajam","year":"2022","journal-title":"Int. J. Adv. Comput. Sci. Appl."},{"key":"ref_16","unstructured":"(2017). Information Technology\u2014Governance of IT\u2014Governance of Data\u2014Part 1: Application of ISO\/IEC 38500 to the Governance of Data. Standard No. ISO\/IEC 38505-1:2017. Available online: https:\/\/www.iso.org\/standard\/56639.html."},{"key":"ref_17","unstructured":"(2023). Information Technology\u2014Governance of IT\u2014Governance of Data\u2014Part 2: Implications of ISO\/IEC 38500 for Data Management. Standard No. ISO\/IEC 38505-2:2023. Available online: https:\/\/www.iso.org\/standard\/86012.html."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1080\/07421222.1996.11518099","article-title":"Beyond Accuracy: What Data Quality Means to Data Consumers","volume":"12","author":"Wang","year":"1996","journal-title":"J. Manag. Inf. Syst."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"16:1","DOI":"10.1145\/1541880.1541883","article-title":"Methodologies for Data Quality Assessment and Improvement","volume":"41","author":"Batini","year":"2009","journal-title":"ACM Comput. Surv."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"7772","DOI":"10.1109\/TKDE.2024.3397508","article-title":"Cloud-Native Databases: A Survey","volume":"36","author":"Dong","year":"2024","journal-title":"IEEE Trans. Knowl. Data Eng."},{"key":"ref_21","first-page":"3","article-title":"Data Management in the Cloud: Limitations and Opportunities","volume":"34","author":"Chaudhuri","year":"2011","journal-title":"IEEE Data Eng. Bull."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Daraghmi, E., Zhang, C.-P., and Yuan, S.-M. (2022). Enhancing Saga Pattern for Distributed Transactions within a Microservices Architecture. Appl. Sci., 12.","DOI":"10.3390\/app12126242"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Van Landuyt, D., Benaouda, J., Reniers, V., Rafique, A., and Joosen, W. (2023). A Comparative Performance Evaluation of Multi-Model NoSQL Databases and Polyglot Persistence. Proceedings of the 38th ACM\/SIGAPP Symposium on Applied Computing (SAC \u201923), ACM.","DOI":"10.1145\/3555776.3577645"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"17","DOI":"10.4018\/IJITSA.2021010102","article-title":"PolyGlot Persistence for Microservices-Based Applications","volume":"14","author":"Singhal","year":"2021","journal-title":"Int. J. Inf. Technol. Syst. Approach"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/JDM.321756","article-title":"A Benchmark for Performance Evaluation of a Multi-Model Database vs. Polyglot Persistence","volume":"34","author":"Ye","year":"2023","journal-title":"J. Database Manag."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"3348","DOI":"10.14778\/3484224.3484232","article-title":"Data Management in Microservices: State of the Practice, Challenges, and Research Directions","volume":"14","author":"Laigner","year":"2021","journal-title":"Proc. VLDB Endow."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Brito, G., Mombach, T., and Valente, M.T. (2019). Migrating to GraphQL: A Practical Assessment. Proceedings of the 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER), Hangzhou, China, 24\u201327 February 2019, IEEE.","DOI":"10.1109\/SANER.2019.8667986"},{"key":"ref_28","first-page":"tyy001","article-title":"Forgetting Personal Data and Revoking Consent Under the GDPR: Challenges and Proposed Solutions","volume":"4","author":"Politou","year":"2018","journal-title":"J. Cybersecur."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Hils, B., Woods, D.W., and B\u00f6hme, R. (2020). Measuring the Emergence of Consent Management on the Web. Proceedings of the ACM Internet Measurement Conference (IMC \u201920), ACM.","DOI":"10.1145\/3419394.3423647"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Vayena, E., Blasimme, A., and Cohen, I.G. (2018). Machine Learning in Medicine: Addressing Ethical Challenges. PLoS Med., 15.","DOI":"10.1371\/journal.pmed.1002689"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"689","DOI":"10.1007\/s11023-018-9482-5","article-title":"AI4People\u2014An Ethical Framework for a Good AI Society: Opportunities, Risks, Principles, and Recommendations","volume":"28","author":"Floridi","year":"2018","journal-title":"Minds Mach."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"881","DOI":"10.1017\/S2071832200022197","article-title":"Reality and Illusion in EU Data Transfer Regulation Post Schrems","volume":"18","author":"Kuner","year":"2017","journal-title":"Ger. Law J."}],"container-title":["Data"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2306-5729\/11\/3\/54\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T11:42:48Z","timestamp":1773056568000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2306-5729\/11\/3\/54"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026,3,7]]},"references-count":32,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2026,3]]}},"alternative-id":["data11030054"],"URL":"https:\/\/doi.org\/10.3390\/data11030054","relation":{},"ISSN":["2306-5729"],"issn-type":[{"value":"2306-5729","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026,3,7]]}}}