Title:
SYSTEM AND METHOD FOR MANAGEMENT OF MEDICAL, BIODIAGNOSTIC DATA AND BIOSPECIMEN IN BIOBANKING ENVIRONMENT
Document Type and Number:
WIPO Patent Application WO/2022/090749
Kind Code:
A1
Abstract:
This invention relates to the technical field of collection and management of information which illustrates natural parameters, with particular application in the field of utilization of medical, biodiagnostic data and natural biosamples in biobanking environments, using, among others, database technologies, digital rights management (DRM), encryption and decryption, interface technology between computer and user, etc. The invention implements through a holistic approach a method and a system through which multiple systems are combined, partly incompatible with each other, producing a new, hitherto unknown and multiply useful functionality.

Inventors:
KATSAOUNIS PANAGIOTIS (GR)
Application Number:
PCT/GR2020/000056
Publication Date:
May 05, 2022
Filing Date:
November 02, 2020
Assignee:
METABIO PRIVATE COMPANY (GR)
International Classes:
G16H10/60
Domestic Patent References:
WO2016154254A1 2016-09-29
WO2010100590A1 2010-09-10
Foreign References:
US20110082794A1 2011-04-07
USPP62883767P
US20030014654A1 2003-01-16
US20160224735A1 2016-08-04
US20180211005A1 2018-07-26
Attorney, Agent or Firm:
PANAGIOTIDOU, Effimia (GR)
Claims:
Claims

1. Biobank management system characterized by the fact that it includes

(a) a subsystem for the collection, storage, indexing, search and retrieval of data;

(b) a subsystem for the management of digital and natural rights connected with data;

(c) a subsystem for the management of user and/or donor consent;

(d) a subsystem for single interface with the user;

(e) an entire supersystem for the creation of an integrative shell; where the entire supersystem (e) comprises a component for controlling the functions of the aforementioned subsystems (a), (b), (c) and (d), which component combines and unifies the functionalities of the aforementioned subsystems into a single functional set; where bidirectional communication of the user with the unified operating system is carried out with the aforementioned subsystem of single interface with the user (d).

2. Biobank management system according to claim 1, where the subsystem (a) comprises a component for storing data from different sources such as biobanks and biosamples, clinical data, patient data, disease data, where subsystem (a) comprises a component for collecting data from each source in the form in which it is available from that respective source; wherein the subsystem (a) comprises a component for storing a subset of data which subset is managed within the respective source, and a component for recording this management in corresponding secondary data; and where the data and secondary data carry indication for the time at which they were generated and based on the time indication they record the evolution of the values of the aforementioned data and secondary data along the time axis.

3. Biobank management system according to claim 2, where the subsystem (b) comprises a component for encrypting information associated with the management of the rights.

4. Biobank management system according to claim 3, where subsystem (c) operates on the basis of both Role-Based Access Control and Attribute-Based Access Control, where subsystem (c) comprises a component through which the data donor determines in real time the consent status for the access and use of the corresponding data.

5. Biobank management system according to claim 4, where the subsystem (d) comprises a component for user interaction with the biobank management system, where the component for user interaction with the biobank management system includes a single input and output communication language where the component for interaction of the user with the biobank management system implements the bidirectional communication of the biobank management system with the user based on the aforementioned unified communication language.

6. Biobank management method, characterized in that it includes the following stages and functions

(a) stage of data collection, storage, indexing, search and retrieval;

(b) stage of management of digital and natural rights connected with data;

(c) stage of management of consent of user and/or donor;

(d) stage of operation of single interface with the user;

(e) entire function for the creation of an integrative shell; where the entire function (e) implements the control of the functions of the aforementioned stages (a), (b), (c) and (d), which overall function combines and integrates the functionalities of the aforementioned stages into a single functional set; where the bidirectional communication of the user with the single functional set is accomplished with the aforementioned single user interface operation stage (d).

7. Method of managing biobanks according to claim 6, where stage (a) comprises storing data deriving from different sources, such as biobanks and biosamples, clinical data, patient data, disease data, where stage (a) includes the collection of data from each source in the form in which it is available from the respective source, where stage (a) comprises storing a subset of the data, which subset is managed within the respective source, and recording the management in corresponding secondary data, and where the data and secondary data carry indication for the time at which they were generated, and where, based on the time indication the evolution of the values of the aforementioned data and secondary data along the time axis is recorded.

8. Method of managing biobanks according to claim 7, where stage (b) comprises encrypting the information associated with the management of the rights.

9. Method of managing biobanks according to claim 8, where stage (c) operates on the basis of both Role-Based Access Control and Attribute-Based Access Control, where step (c) includes a function through which the data donor determines in real time the consent status for the access and use of the corresponding data.

10. Method of managing biobanks according to claim 9, wherein stage (d) comprises a function for user interaction with the biobank management system, where the function for the interaction of the user with the biobank management system includes a single input and output communication language, where the function for the interaction of the user with the biobank management system implements the bidirectional communication of the biobank management system with the user based on the aforementioned single communication language.

Description:
DESCRIPTION

System and method for management of medical, biodiagnostic data and biospecimen in biobanking environment.

Technical Field of the Invention

This invention relates to the technical field of information collection and management which illustrates physical parameters, with particular application in the field of employment of medical, bio-diagnostic data and natural biosamples in a biobank environment, using, among others, database technologies, digital rights management (DRM), encryption and decryption, computer-user interface technology, etc. The invention implements via a holistic approach a method and a system through which multiple systems are combined, partly incompatible with each other, producing a new, until today unknown, and multiply useful functionality.

Introduction, state of the art

This invention applies to biobanks that store human biological samples, such as blood, saliva, urine, cells, skin biopsies, or other tissue samples. A biobank is a collection of biological material and data with respective documentation, which can be used for medical and research purposes. The term biological sample (or biological material) is often used for a sample or biological material stored in a biobank. Samples may also include DNA, RNA, cell lines, cancer tumors, etc. These samples can be collected through standard medical procedures or through additional medical procedures, when required.

Molecular, biochemical and genetic information from each human sample can be linked to an individual's medical history, that is, connection of biosamples with data on the donor's lifestyle (e.g. diet, smoking, etc.), as this connection enhances the research capabilities of biosamples.

In addition to providing access to human samples and related data, biobanks can potentially provide access to a variety of information, secondary management data of the biosample. Typical secondary data concern e.g. duration and conditions of stay of the sample out of refrigeration.

The biobank is either autonomous, public or private, or operates as a department of institutes, organizations, clinics or hospitals. Biobanks are divided into the following categories: disease-oriented, population-oriented, twins-oriented. Disease-oriented biobanks are more common within hospitals and contain collections of tumors, blood, urine and tissues for several diseases, as well as from healthy individuals. Population biobanks usually exist outside hospitals and contain mostly samples of healthy volunteer donors. All types of biobanks supply research and studies in order to find biomarkers related to diseases or phenotypes. Biobanks function in a complementary manner, as this type of research is supported by more than one biobank. Therefore, the creation of biobank networks is necessary, because it solves the problem of complementary operation.

The state-of-the-art bio-banking systems and their system of operation present a number of technical problems:

In terms of system integrity and man-machine interface, the lack of interoperability, common linguistic and/or electronic ontology among the systems for acquiring, maintaining and transferring data from biobanks and affiliate hospitals, or health providers, creates ontological inconsistencies resulting in data loss, waste of resources, delay in basic research steps and bias in the molecular selection of targets within the biological environment. A typical example of the relevant state-of-the-art is US PPA (Provisional Patent Application) 62883767. A typical example of an attempt to address the lack of interoperability in linguistic ontology is the HL7 system (Health Level 7). A typical example of interoperability in electronic ontology is the parallel use of LOINC (Logical Observation Identifiers Names and Codes) and SNOMED CT (Systematized Nomenclature of Medicine - Clinical Terms) coding systems.

From the point of view of geographical and temporal coverage, it is not possible with today's technical solutions to search for biosamples through a single system in real time, setting multiple criteria related to all types of data associated with them, deriving from different feeders in the use chain, nor the search for biosamples in real-time from multiple bio-banking units in different geographical locations, countries or continents and checking their availability.

In terms of time-related aspect, the entire cycle of the evolution of a patient's disorder is not acquired by the data in the biobank collections, as no current solution provides an interoperable internet system that connects data in a longitudinal way (i.e. along its time axis) by the same patient, thus linking not only the order of the data generated, but also the different samples collected in chronological order.

In terms of management of the patient's consent, today biobanks do not have the ability to obtain and link newer bioelements from the same patient to the original bio-sample, due to the system of operation and its inability to track new donations from the same patient without disrupting his anonymity status. Snapshot data from repeated visits are not added to previous entries but are recorded separately. Also, no current technical solution allows the sole and principal owner (i.e. the donor) of both the biosamples and the data that follow them, to configure according to his preferences the chain of use of the above (i.e. which user has the donor's permission for access to specific data and for what use), the relationships among different users (i.e. which user is authorized by the donor to communicate biosamples, biodata and / or research results in relation to biosamples to another user) and the level of access to both biosamples and data thereof (i.e. access just for information, use, transfer, further consent, processing, etc.).

No current technical solution provides sufficient data for interoperable clinical, molecular (typical data cases managed by the hospital), genetic, translational (typical data cases managed by the research center), pre-analytical (data manageable by the hospital and the biobank, in connection to the management mode of the biosample in the natural world), environmental, and data of the development of the disorder (typical patient data needed by researchers) from different sources, in a longitudinal manner (i.e. along the time axis), forming a set of temporal data that accompanies each bioelement. For example, the state-of-the-art cannot handle questions about whether a new disease is affected by the progression of a previous disease. Also, no current technical solution offers the ability to record secondary data produced in the clinical environment and which data are important because they are used to produce research results and thereby have an impact on research.

The Document US 2003/0014654 A1 describes a system and a method for the management of personal data in a non-medical setting using a rule-based template.

The Document WO 2016/154254 A1 describes a system and a method for the management of bioinformatics data, where the donor of the data determines the data access rights, using encryption technologies.

The Document US 2016/0224735 A1 describes a technology for improved data access, related to data protection, to medical examination results based on the patient's genome.

The Document US 2018/0211005 A1 describes a mechanism for accessing patients' medical data, where access authorization concerns a specific computer terminal.

The Document US 2011/0082794 A1 describes a system and a method of accessing personal medical data, where patient's consent plays a major role.

The Document WO 2010/100590 A1 describes a system for managing access to data in a non-medical setting, based on rules where the user can intervene and give solutions in case of conflicting rules.

Pre-existing systems focus on the issue of access management to personal data, medical or not. These systems are partially incompatible with each other, have limited functionality in the interface with the user, do not have a single language of communication with the user and do not allow monitoring the evolution of laboratory values of bio-diagnostic data and natural biosamples along the usage chain and the time axis in relation to individual patients or donors.

Brief disclosure of the invention

This invention relates to the management of multiple protocols for the transfer of medical, bio-diagnostic data related to biosamples among individual systems acting as an umbrella system, enriching their scientific value. The management and transfer protocols of the above data, based on this invention, include provisions for the management of digital rights (Digital Rights Management, DRM). The electronic system uses digital rights management (DRM) technologies and consent management technologies to store and use medical data, biological material and all data resulting from the management of both of them in the usage chain. The usage chain includes the patient or donor, the hospital, the biobank and the research institute. The invention functions as a cohesive web between successive samples of the same patient or donor, recording the time evolution of the respective values while providing continuity and expansion of functionality in a way that none of the state-of-the-art systems can offer.

Especially in the case of epidemiological data, this invention enables "crowd sourcing" of epidemiological data along the time axis and addresses the challenges of data collection from entities and patients in cases of pandemic, especially in cases of social distancing measures. The invention makes it possible to study the effect of infectious agents and how they affect along the time axis, either by creating secondary diseases or by aggravating new ones. By using the invention, patients with confirmed diagnoses can record their symptoms daily, along with various factors related to their health. The invention with the implementation of protocols and methodologies contributes to the development of new healthcare strategies to alleviate pandemics and improve personal care, recording as many cases as possible, including non-hospitalized and discharged disease-positive patients that have recovered with mild, moderate or no symptoms. The self-reported data from these patients on the progression of their disease, help to better understand the variables of clinical cases, their etiology and the unique progression of the disease of certain groups of people from different demographic areas with different genetic backgrounds and hereditary traits.

Advantages of the invention are that it achieves the authorized use and / or taking of biological material and / or data, manages the issues of confidentiality and consent and the determination of the level of communication and exchange of the above in the chain of use, with multiple abilities in real time. It also achieves the interface with all the different users, installing a single communication language. The invention introduces a novel business model which makes the implementation and operation of the system specific and useful.

This invention is defined by the claims.

Brief presentation of the Drawings

Drawing 1 presents an overall view of the system architecture.

Drawing 1A presents the flow chart of the multicriteria search query tool.

Drawing 2 is a flow chart for the functions of recording and management of the consent in the system as presented to the donor / patient, giving the patient ability to access either through the healthcare provider's interface or through the web application interface.

Drawing 2A is a detailed diagram of the options for the consent of the user "patient".

Drawing 3 is a flow chart for the system functions as presented to the user "biobank".

Drawing 4 is a flow chart for the internal functions of the system regarding the management system of the donor's / patient's consent and the harmonization of the system according to the consent status that the donor /patient activates.

Drawing 5 is a flow chart for the system functions as presented to the user "hospital".

Drawing 6 is a flow chart for the system functions as presented to the user "patient / donor".

Drawing 7 is a flow chart for the system functions as presented to the user "researcher".

Detailed description

The following is a detailed description of an implementation mode of the invention and specifically in the field of management of biological material exchange networks with reference to the attached drawings.

As illustrated in Drawing 1 which shows the overall architecture of the system, this invention relates, among others, to the management of multiple protocols for the transfer of medical, bio-diagnostic data and natural biosamples. The technical solution provides an electronic system for recording the entire cycle of the development of a patient's disorder, collects the data and places them in the biobank collections, in a longitudinal way (along the time axis), thus connecting not only the series of data that were created, but by restoring the connection with the different samples collected in chronological order, without disturbing the anonymity status of the donor. This technical solution provides sufficient interoperable, clinical, molecular, genetic, translational, pre-analytical, environmental, and disease progression data from different sources, in a longitudinal way, in real time, dynamically forming a set of time frame data that accompanies each bioelement. In addition, it contains methods for recording, processing, transmitting and facilitating transactions in the overall network, which include clinical, biomedical, environmental data, and bioelements.

The protocol for managing and transferring the above according to the invention includes provisions for digital rights management (DRM). The electronic system uses digital rights management (DRM) technologies and electronic management technologies in relation to consent to store and use medical data, biological material and all data resulting from the management of both of them in the usage chain. As illustrated in Drawing 1, the usage chain includes the patient or donor, the hospital, the biobank and the research institute (collectively called "users") and the invention achieves the avoidance of unauthorized use or receipt of biological material or data. The invention also achieves the determination of the level of communication and information exchange of the other parts of the chain with the patient or the donor. This new technical solution allows the only and main owner of the biosamples as well as the related data, i.e. the donor, to form, according to his preferences, the usage chain of the above, the relationships between the different users and the level of access to both the biosamples and data, the information he wishes to receive from their use, the type of research applied by users, usage time and in real time in a dynamic way for the entire usage chain. The technical solution provides the donors / patients, with the appropriate configuration of the access rights, the capability to control their medical records and the bioelements through the electronic consent form. The different stakeholder requests, the correlations with patient data and bioelements and their interactions are defined by this configuration. The system allows the patients to control flow, supply (i.e., the provision of the data and / or biosamples of the donor to one or more users), management and research of their data and biomaterials. 
The consent system establishes a process by which it manages the accessibility of data, bioelements, as well as the application of research thereon and the communication of research between patients and research institutes. The technical solution sets out the conditions for the general and specific obligations of hospitals, biobanks and research institutes. As described in detail in the section "Digital and natural rights management", the patients define a set of rules for accessing their data and samples, as well as in which specific sections thereof.

As shown in Drawing 1, at the application level, where only one interface type (user interface, UI) is used for each user case, the data provided for biomarker research by biobanks, which are related to the samples, are harmonized and standardized. The system for the collection of human bioelements and related data for biobanks and biological stocks provides the ability of interoperability, unifying ontology among the systems for obtaining, maintaining and transferring the data of biobanks and affiliated hospitals or health care providers. The aforementioned system creates linguistic and electronic ontological connections between different standards and offers the user the ability to locate specific human bioelements from multiple sources by using only a single unifying ontology, that of the system, despite the existence of multiple secondary ontologies. The invention implements the search of biosamples through only a single system, setting multiple selection criteria of the user's choice, related to all types of data associated with them, in real time for multiple biobanking units in different geographical locations. It also implements the control of the availability of biosamples and the data related thereto, in real time and following the consent criteria set by the donors (Drawing 1, abilities of user "researcher"). The technical solution is an internet-based federated service, including a digital rights management system distributed to various management points, controlling the acceptance and release of patient-related health data. The preference for the patient's consent status translates into the determination of access, supply and management rights to data and bioelements in a network of healthcare providers, biobanks and research entities.

Data source

As shown in Drawing 1, data collection takes place from different sources such as patients themselves (environmental data, Patient Reported Real World Data), healthcare providers through EMRs (Electronic Medical Records) or EHRs (Electronic Health Records), biobanks for data related to the biosamples along the time axis, making the transition from an instantaneous, photographic capture to a recording of an evolutionary course along the time axis.

Security Infrastructure for data collection, storage, analysis

The portal of the digital system according to the present invention offers a single entry point, per user type, to the data collected for anyone who wants to have access, for the purpose of analyzing the stored information (Drawing 1, application level, user interfaces). Thus, the Security Infrastructure can guarantee adequate protection and security for all data and users. In this regard, the security infrastructure has/follows the following characteristics:

Provides different types of data users with a unique web portal (Drawing 1, application level, user interfaces).

Allows a registered and authorized user to submit queries and analyze data from different organizations (e.g. biobanks) using common privacy tools and mechanisms (Drawing 1, authentication, Drawing 7, stage "I want to perform a new search with multiple criteria?").

Prohibits any user from having direct access to, copying or exporting personal and unidentified / de-identified data.

Prohibits the visualization of individual and unidentified data that is not necessary for any form of analysis (data minimization, Article 89 paragraph 1 GDPR).

Automatically manages the authorization of the data donor, for the use of his data, without updating approval, through a dynamic consent mechanism supported by the system (drawings 2, 2A, 4).

All user communications with the system, as well as all data sent are encrypted. End-to-end encryption is adopted for all communications (Drawing 1, service level, encryption).

The data is treated anonymously, while Homomorphic Encryption (HE) methods that allow the execution of calculation to be performed on encrypted data without being decrypted, are applied to the system. Thus, a generation of Fully Homomorphic Encryption (FHE) is supported with fast start techniques called FFHE - Fast Fully Homomorphic Encryption.

All component connections, such as those described below, adopt secure encrypted protocols. In this context, the following methods are implemented:

Adoption of user identity authentication methods, with a combination of server-side and client-side identity authentication methods.

Adoption of strong user identity authentication credentials.

Adoption of certificate pinning methodologies.

Anonymization servers and / or tokenization servers are isolated from the network, except for the (single) node with which they are supposed to communicate.

Data security according to this invention

Data security is ensured according to the following methods:

A. Adoption of access control and user restriction methods (principle of the least privilege)

B. Data encryption is completed within the system

C. Anonymous and / or distinctive data is not accessible after completion of the anonymization /of the distinctive

D. Implementation of data integrity procedures

E. Examination of data deletion methods (where required)

Software security according to this invention

Software security is ensured according to the following methods:

A. Adoption of secure software development approaches (design-based security, code and error vulnerabilities detection, testing, etc.).

B. Adoption of known third-party software / software libraries / modules / code snippets (if any), only if implemented by accredited developers.

C. Adoption of code compression techniques according to this invention.

D. Avoidance of sensitive error detection logs printed on output and available to the user, even if accessed through special consoles.

E. Adoption of security through a design approach for the design of workflows applied to the system.

Integrative shell

The whole system functions as an umbrella system, implementing a kind of integrative shell on heterogeneous pre-existing systems. All data entered into the system are recorded in 2 languages: the electronic language for the communication of electronic systems for the purpose of identification, classification and transfer of data, and the language between users and the system (Drawing 1, application level, user interfaces).

In both of these languages the system can recognize the language of each electronic system and translate it into a single standard with which the content of the communication with the system will be stored. Internal users of the system continue to use the different languages for both uses, but the system extracts in both conversations all data in a single standard language, so the search tool (query tool) described below is possible. This is achieved by mapping the data fields from the source files to the target fields.

Query tool

The search tool (query tool system, Drawing 1A) is configured for "external users" (external user: unregistered user) and "internal users" (internal user: registered user) depending on the electronic consent data per donor / patient. Parameterization refers to the set of data generated not only at the initial point of the donor / patient interface with the system but vertically at all data production points, along the time axis. Also, this search does not provide access but informs about the presence or not of the biosamples and the following data, in number, drawing data from different biobanking entities in the whole network. Therefore, the search produces quantitative results from the system, reading the qualitative characteristics of the searches and running through all the patients in all the biobanks of the network (Drawing 1, biobank #1... #n) according to the limits and restrictions that have been set by the patient. The search result is presented to the user grouped in clusters depending on the existence of individual criteria in each cluster. For example, if the search criteria are A, B, C, D, the result can show all possible combinations of the four criteria in different clusters, i.e. the ABCD cluster, as well as the clusters A, AB, ABC, etc.

Digital and natural rights management system

The term "digital rights" means the rights arising from the consent of the donor to other users and define the level of use of the system.

The term "Natural rights" means the rights arising from the donor's consent to other users and define the level of use of data and biosamples in the natural world.

The donor / patient configures through the use of the electronic consent and his options, the range of use of the system for all users, the range of access to data and samples (Drawing 2A), as well as the type of research performed either by natural or electronic way on these samples, as well as data (Drawing 2A, STEP 6). Both digital and natural rights of users are subject to joint control of their expression by the donor / patient.

The digital and natural rights management system has a digital and natural rights management machine that includes a method of authorizing access to electronic content and a natural biosample. The method of access authorization to and / or use of electronic content (medical records, medical data, biosample management data) and a natural biosample for use in a digital rights management system includes an electronic digital rights management system. In the electronic management system, the donor / patient alters in real time the consent status for the storage, preservation and use of the biosample and medical data as identifiable, anonymized, identified or coded (Drawings 2, 2A, STEP 2). Assignment, change or withdrawal of electronic consent and / or authorization to use digital data and natural biosamples by a donor / patient determines:

1. the electronic, as well as the natural management of data and biosamples by a healthcare provider, a biobank and research entity

2. the type and field of research

3. time of retention of data, samples or medical records (individual or collective)

4. communication of different users with the subject

5. informing different users about the results of scientific / medical research

6. ability to index featured biological material through a multicriteria search engine with

7. users' ability to access data even when they are stored by a different user.

The method includes the electronic definition of the use or access per user in the chain of use of the electronic content and alters the permission to use (Drawing 2A, STEP 5), the possibilities of communication of the parties in the chain of use, the creation of bidirectional communications. Recognition of permission through consent includes the control program, according to the request for determining the use or access, that the requested access or other use of the electronic content is allowed (Drawing 2).

The digital rights management system can encrypt data that are subject to rights management. The digital rights management system also limits the functionalities that the user can perform to the data that are subject to rights management, in real time, according to the type of electronic consent and the rights it generates (Drawing 4). The functionality includes one or more data sets, response code, functionality parameter and response parameter of one or more functions, events, data sets or property codes.

The following method, shown in Drawing 4, is defined and produces results through the electronic consent of the donor / patient that defines the chain of use of the data and biosamples.

The method implements a procedure, instructions for handling and executing a security labeling service, so as to tag data or data flow and ensure compliance with the dynamic electronic consent form (Drawing 4), in real time, and with the necessary constraint requirements. The method adopts the function "binding" of all variables by configuring the options of the dynamic consent status, creating the corresponding access and view tags for all users. Binding is achieved through a digital controller which performs the control of appearance / access to the data elements of the donor / patient, following the rules of the consent type. Data flows can be bidirectional from all users to all users. The dynamic electronic consent form determines the natural use of the biosamples, without the presence of a mediator (Drawing 2, 2A, 4). The donor's choices determine the context of use and the rights of all users in the electronic system. The physical use of the biosamples is also determined by the donor, as they cannot be granted for use, nor can they be included in research outside the framework that is defined. Determination restricts the appearance and use of data in the digital world. In the natural world, determination and use is based on legal and ethical rules, since when a research proposal is submitted, which may provide for new uses, it is not possible to have already the donor's consent for these uses. After the donor's choices at the end of the formation of his consent (Drawing 2A), the dynamic electronic consent is formed. The donor's choices are recorded on a form (text) and modified in real time each time the donor changes his choices, informing in real time the rights of the system users (Drawing 2A). Dynamic electronic consent necessarily follows the samples to be used when these are passed on to researchers. When the donor changes consent status (Drawing 4), then the biobank and the system are updated again. Consent configuring runs through the entire time axis with reference to past and new donation rights.

Electronic consent system

As shown in Drawing 1, the management system is based on FHIR specifications (Fast Healthcare Interoperability Resources (Drawing 1, data level)) which allows interoperability and integration of health data into different Electronic Health Records (EHRs) systems (Drawing 1, patient's electronic record) and health information technologies (HIT), readily available via RESTful APIs (Drawing 1, APIs) in the cloud. These specifications have been enriched so as to include all of the data stored.

The FHIR server application is the HAPI FHIR reference application that includes the HAPI FHIR library and an open-source implementation of the FHIR specification in Java.

On top of the management system based on FHIR specifications there is a new layer using Node.js that implements user identity authentication and access based on the role of the user (Role-Based Access Control, RBAC) to the system. In this Role-Based Access Control (RBAC), rights are functions on an object that the user wishes to access. The permitted functions are grouped into roles. The role characterizes the functions that the user is allowed to perform. Roles (e.g. patient / donor, hospital, biobank, researcher) are assigned to users. When the role of a user has the necessary rights to access a data element, then the user is granted access to the data element (Drawing 1, user, patient, hospital, biobank, user researcher, Drawings 3, 5, 6, 7). FHIR easily activates role-based access control (RBAC), as FHIR resources are object types and CRUDE events (Create, Read, Update, Delete, which in FHIR are the equivalent of rights in the RBAC scheme) are functions on these objects.

In Attribute-Based Access Control (ABAC), the user requests to perform functions on data. The access request of this user is approved or denied based on a set of access control policies determined on attributes and conditions. FHIR provides the ability to ABAC, provided that instances of a Resource in FHIR (Resources are object types) may have attributes associated with them. These attributes include security labels, environment conditions and a number of user and object attributes that have the same attributes as those used in ABAC. Attributes help define access control policies that define the functions that a user can perform on a resource (FHIR) or on an object (ABAC). These attributes can refer, for example, to the user role or identity thereof.

For example, a label (or attribute) may indicate that the identified resource (object) should not be further disclosed without the explicit consent of the patient.

The backend, according to this invention, uses a combination of Role-Based Access Control and Attribute-Based Access Control to implement the logic of electronic consent and the rights of users to read and modify (Drawing 4). Electronic consent status options in relation to data donation permissions, sample donation and access, patient relationship with usage chain entities and research types (Drawings 2A, 4) are all stored in an FHIR resource.

Every accredited user who has successfully passed Authentication control, depending on his role (utilizing Role-based Access Control) in combination with the options of the consent process (utilizing the Attribute-based Access Control), can operate patient characteristics in a way determined by the combination resulting from the user's role and the donor's choices in the electronic consent system regarding these characteristics (Drawing 4).
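The two-stage decision described above (role check first, then the donor's consent attributes, yielding an access and view tag) can be sketched as follows. This is an added example, not code from the patent or from any FHIR library; the role table, field names and consent shape are hypothetical, and the consent object is a constructed stand-in for the options stored in the FHIR resource.

```javascript
// RBAC: role -> FHIR resource type -> permitted operations (hypothetical table).
const ROLE_PERMISSIONS = {
  donor: { Consent: ['create', 'read', 'update'], Observation: ['create', 'read'], Specimen: ['read'] },
  biobank: { Specimen: ['create', 'read', 'update'], Observation: ['read'] },
  researcher: { Specimen: ['read'], Observation: ['read'] },
};

// Constructed stand-in for the donor's stored consent options.
function makeConsent() {
  return {
    donorId: 'donor-1',
    status: 'active',                     // 'active' | 'withdrawn'
    view: 'coded',                        // identifiable | coded | anonymized
    shareWith: ['biobank', 'researcher'], // roles the donor has opted in
    researchTypes: ['oncology'],
  };
}

// Own-property lookup, so a role such as "__proto__" cannot reach Object.prototype.
const own = (o, k) => (Object.prototype.hasOwnProperty.call(o, k) ? o[k] : undefined);
const deny = (reason) => ({ permit: false, reason, view: null });

// Evaluated on every request, so a consent change takes effect immediately.
function decide(user, op, resource, consent, purpose) {
  // Step 1 (RBAC): the role must hold the operation on this resource type.
  const ops = own(own(ROLE_PERMISSIONS, user.role) || {}, resource.resourceType) || [];
  if (!ops.includes(op)) return deny('role lacks permission');

  // Donors act only on their own records and see them in full.
  if (user.role === 'donor') {
    return user.id === resource.donorId
      ? { permit: true, reason: 'own record', view: 'identifiable' }
      : deny('not own record');
  }

  // Step 2 (ABAC): default deny unless the donor's consent covers the request.
  if (!consent || consent.donorId !== resource.donorId) return deny('no consent on file');
  if (consent.status !== 'active') return deny('consent withdrawn');
  if (!consent.shareWith.includes(user.role)) return deny('role not covered by consent');
  if (user.role === 'researcher' && !consent.researchTypes.includes(purpose)) {
    return deny('research type not consented');
  }
  // The view tag tells the caller how much identifying detail to release.
  return { permit: true, reason: 'consent permits', view: consent.view };
}
```

Because the consent object is read on each call rather than cached into a session or token, a withdrawal by the donor denies the very next request from a researcher or biobank.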

The Business Model

The business model involves the creation of a network of biobanks, through which biosamples are disposed, which are in a common pool and shared in multiple ways. Pricing depends on their age and data volume.

Business innovation is based on the technical part and is interrelated with it, consisting of the following:

1. The recording of data along the time axis and their direct connection with all the available samples on the time axis, determines the predicted sale price (Drawing 1).

2. Recording of patient-reported real world data and their direct link to any data that accompanies biosamples did not pre-exist in any biobank data management system (Drawing 6, stage "Does the patient wish to add new data?", "YES", "addition").

3. The electronic determination of the usage rights by the donor makes possible the business transaction, as the dynamic consent does not require additional actions by the seller and / or buyer.

4. The pricing of biosamples derives from the following calculation algorithm, which calculates the type of sample, the nature of the disease, the range and depth of the data.

Selling price = MV × SD × Y, where MV is the average selling price (sample type × disease type × quantity), SD is the number of different data sources and Y is the number of years with data accumulation from different sources.

Data sources increase the selling price by 10% to 20% and cumulatively up to 60% (clinical data 10%, environmental data 10%, sample management 10%, laboratory analyses 10%, genetic data 20%). Each year of data accumulation increases the average selling price by 10% (e.g. 1 year 10%, 3 years 30%).

5. The remuneration of the system administrator shall also be determined through a fixed percentage of the final selling price of the biosample when it is in a common biosample pool, from different biobanking entities, and results from the system answering compatibility queries.

In addition to the technical field of biobanks, this invention can be applied in various business fields, such as:

In the field of health insurance, where the present invention eliminates the need for intermediaries in relation to the provision of insurance policies, significantly improves the speed and accuracy of cost reporting to patients, and functions as a tool for recording claims.

In the field of the pharmaceutical industry, where this invention contributes to the fight against drug counterfeiting, compliance and measurable supply chain transformation and enables unbiased and transparent clinical trials with quality Real World Data.

In the field of vehicle insurance, where this invention has an immediate application thereon; if, for example, the biosample is replaced with the vehicle, the healthcare provider with the garage, the researcher with the insurance company and the medical data with the vehicle use and maintenance data.

In the field of education, if, for example, the bio sample is replaced with the student, the health care provider with the education provider, the researcher with the trainer and the medical data with the individual educational characteristics.

In the field of labor research, if the biosample is replaced by the job position, the health care provider with the employer, the researcher with the employment office and the medical data with the data of the candidate's CV.

In general, the invention applies to any field where there is simultaneous access to and management of personal or confidential data by multiple entities with different ways of use.