The rapid expansion of artificial intelligence (AI) and digital health technologies has made data sovereignty a critical policy concern. In Saudi Arabia, Vision 2030 emphasizes technological innovation, economic diversification, and resilient digital infrastructures, positioning data governance as a foundation for national transformation. This review examines how data sovereignty strategies can support the Kingdom’s digital health transformation while ensuring compliance with international standards. Using a qualitative approach, the study synthesizes policy documents, institutional reports, and peer-reviewed literature. The analysis identifies both enablers and barriers: strong institutions such as the Saudi Data and Artificial Intelligence Authority (SDAIA) and the National Data Management Office (NDMO), alignment of the Personal Data Protection Law (PDPL) with frameworks like the GDPR, but also challenges including rigid intellectual property rules, fragmented cloud data governance, and weak sector-specific policies. The study’s objectives are to clarify these challenges, assess their impact on generative AI adoption, and recommend reforms that align with Vision 2030’s innovation goals. Policy recommendations include adaptive IP frameworks, sector-specific governance models, inter-agency coordination, and public–private partnerships to expand access to lawful datasets. The findings demonstrate that data sovereignty, when strategically designed, functions not as a barrier but as an enabler of secure, scalable, and ethically responsible innovation in healthcare and beyond. This work contributes actionable insights for policymakers, regulators, and researchers in Saudi Arabia and offers lessons for other nations navigating the balance between sovereignty and competitiveness in the digital era.
Albaroudi et al. (Tue,) studied this question.