The importance of data governance within the healthcare landscape has escalated in recent years, largely in response to the complexities associated with digital health transformation and user expectations around data security, privacy, and confidentiality. A key organisational asset, the effective access and use of data both enables value creation as well as creates exposure to risks. This study explores the role of the data custodian within a healthcare organisation and adopts a paradox theory lens to conceptualise three paradoxical tensions in the role of the data custodian. At its core, the ultimate paradox is that maximising patient health care requires data accessibility, but doing so reduces control and data security. Data custodians must follow a narrow pathway in balancing these paradoxical tensions, and a research agenda is presented to develop our understanding of these tensions.