The contribution software and hardware can make to hazardous failures has long been understood and well covered by standards and guidance. We suggest the role of data in influencing the safe operation of systems is equally important but this has not attracted the same level of attention; there is no standardisation and little guidance on how the risks associated with data should be managed. The issue is becoming more acute as many types of data are now used to deploy, configure, operate, test and justify safety systems; the volume of data in systems is also growing at an unprecedented rate, along with the attendant risks – this is the “Data Elephant”, the 'elephant in the room' that can no longer be ignored. This paper presents progress the SCSC Data Safety Initiative Working Group (DSIWG) has made over the last year towards establishing guidance on how the risks associated with data can be appropriately identified and managed.