Patient data is data relating to ONE patient, such as his/her diagnosis, name, age, earlier medical history etc. Patient based data is important when you want to track longitudinally the progress of a patient over time. For example, if we want to track how a patient is adhering to and responding to the process of TB treatment (typically taking place over 6-9 months), we would need patient based data.

Aggregated data is the consolidation of data relating to multiple patients, and therefore cannot be traced back to a specific patient. They are merely counts, such as incidences of Malaria, TB, or other diseases. Typically, the routine data that a health facility deals with is this kind of aggregated statistics, and is used for the generation of routine reports and indicators.

Patient data is highly confidential and therefore must be protected so that no one other than doctors can get it. When in paper, it must be properly stored in a secure place. For computers, patient data needs secure systems with passwords and restrained access.

Security concerns for aggregated data are not as crucial as for patient data, as there are no ways of relating it to a person. However, data can still be misused and misinterpreted by others, and should not be distributed uncritically. A data policy needs to be established by the managers about who gets access to what data.