That is a very individual, circumstantial kind of question that has to be addressed in any issue.
For example, even before electronic databases, if we look at the duty of confidentiality of physicians to their patients, if things are required because of risk to the patient or to identifiable persons, or if information is required to be transmitted because of law, then those duties override the confidentiality duty to the patient. It really depends very much on the nature of the information and what the intended purpose for it is. There would be ways through either research boards or regulatory boards to weigh those decisions, and that's why it's important to have frameworks set up to do that.