Knowledge Base for Investigators

Searching for patient related article? Navigate to the 
Knowledge Base for Patients

inCytes™ Personal Data Architecture


inCytes™ is a software as a service technology, built upon Amazon Web Services “AWS”, which process large amounts of data, including health data and personally identifiable information. Such data, depending upon country, institution, and other policies, are often regarded as sensitive data, data concerning health, protected health information or PHI, personal data, or other similar terms. For purposes of this document, we will use terms and defined roles from the Global Data Protection Regulation, or GDPR.

In all instances, inCytes™ and Amazon Web Services shall serve as Data Processors, processing Personal Data according to the instructions by Data Controllers. This document helps inform Data Controllers of the existing infrastructure upon which inCytes™ is built, and of the available options for data processing. It is the Data Controller’s obligation to select processing which complies with their local regulations and data governance policies.

Core Definitions:

Data Controllers

Data Controllers are defined as “the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data…”

Personal Data

Personal Data is defined by the GDPR as “any information relating to an identified or identifiable natural person “data subject…”’.  For the purposes of this document, Data Subjects shall be Patients.  

Personally Identifiable Information “PII”

All identifying information which alone or in aggregate identifies a natural person. Examples include names, contact information, addresses, etc.


Pseudonymization is defined as “processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information.” The GDPR further elaborates in Recital 26 “To determine whether a natural person is identifiable, account should be taken of all the means reasonably likely to be used, such as singling out, either by the controller or by another person to identify the natural person directly or indirectly. To ascertain whether means are reasonably likely to be used to identify the natural person, account should be taken of all objective factors, such as the costs of and the amount of time required for identification, taking into consideration the available technology at the time of the processing and technological developments. The principles of data protection should therefore not apply to anonymous information, namely information which does not relate to an identified or identifiable natural person or to personal data rendered anonymous in such a manner that the data subject is not or no longer identifiable.”

inCytes™ Server Architecture

Subscriber Personal Data Entry

Fig. 1:

Fig. 2:

Fig. 3:

Fig. 4:

Fig. 5:

Fig. 6:

Fig. 7:

Fig. 8:

Subscriber Data Access

Fig. 1:

Fig. 2:

Fig. 3:

Fig. 4:

Fig. 5:

Key Considerations for Data Controllers using inCytes™

  1. Select AWS Cognito Server Location;
  2. Enable 2-Factor Authentication for Subscribers and/or their Patients;
  3. Designate which fields in one’s protocol might include PII;
  4. Determine the Circle data sharing settings, including Personal Data or Non-Personal Data;
  5. Upload Data Subject Consent Form;
  6. If needed, craft Joint Controller Agreement.

Search keywords:

Haven't found a solution?