Biological data from a person are considered as sensitive data. As bioinformaticians we are probably all at some point exposed to genomic data from someone else.

For example, if you are working with cancer samples, usually you have the normal (blood) sample to substract for germline mutations. The blood sample is automatically considered as sensitive, but the tumor sample not as much. However, you can actually deduce you way back to the original genome based on the cancer genome.

In Norway we have recently implemented a service for sensitive and personal data where we can store and analyze data. I have realized that this differs a lot from country to country, but I couldn't find a proper post or website discussing this issue.

I am wondering how you handle sensitive data in bioinformatics in your home country, or your home institution, and what do you consider as sensitive data?

There should be ethical bindings are and agreement signed by the hospital , research institution and the PI of the lab who initiates the project with that of the patients for whom the data is being analyzed. There should be some sort of agreement of the information that should be masked or cascaded. As long as the patients personal information is not revealed in any publication or posts or even not discussed with some sort of agreement then it should be fine. For personalized genomics analysis the patient should be given a report of the systemic change that he/she is facing based upon what your report guidelines are laid upon if its a personalised genomic analysis for your lab/company/hospital/institution.

You have to see what is the ethical binding for human research in your country as far as personal data of the patients are concerned.