Any service must access or hold data in databases or data caches based on the requirements for that type of data, including regulations, security, or business processes. Microservices solutions typically leverage database services that can provide those requirements through defined APIs.

Services that transform data need to communicate those changes via standard messages to maintain lineage and governance, typically using defined APIs or message queues.

Adhere to the data access control policies that are appropriate for the data. Typically the data access policies are set by the data repositories depending on the sensitivity of the data they contain. The services use the appropriate role for the application's constituency.

Data movement and transformation services must consider performance for SLA on the time between acquisition and availability. These services must also consider the volume and locality of the data to be accessed and set the SLA expectations accordingly.

If the services need highly trusted common data, determine if they should be using the enterprise's designated source of master data.

Storage must consider the volume of data to be stored, the velocity at which it will be received, how it will be used, and the security and resilience requirements when choosing the appropriate data repository.

Monitor and log information around how the data is flowing and who accessed what data to assure that appropriate security measures were taken. Communicate transformation for data lineage and governance.

https://www.turing.com/blog/microservices-data-management-patterns/