Confidentiality has been considered to be a basic element of the doctor-patient relationship worldwide since the time of Hippocrates. On the verge of entering a society in which communication plays a leading role, confidentiality alone can no longer protect the patient's rights. Increasing diagnostic activity multiplies the amount of data available for processing in health systems. On the other hand, the use of electronic medical records allows practically unlimited amounts of data to be saved. The compilation of any personal data, however, requires a legal basis such as the consent of the individual concerned, which is generally given within the doctor-patient relationship. Compiled medical data can be assigned to four main sectors: therapy, financing, administration and research. This division into four sectors is based on the need to reconcile the conflicting needs of the patient's right to informational self-determination and third-party interests. Data can be processed for one or more of these purposes insofar as a legal basis therefore (law or consent) exists. Using the data for purposes outside the sector for which they were compiled interferes with the individual's right to informational self-determination. Thus most data compiled in the course of therapy may not be processed for research purposes, unless made anonymous, thereby losing the chance of retracing the source of the data. However, new informational techniques can procure secure anonymized and retraceable data flow. The legislature has to consider these technologies in order to enable the enormous opportunities presented by new methods of data processing to be fully exploited in research.