How AKTIN works

A decentralised infrastructure for the secure use of data

In contrast to traditional data collections, where all patient data is stored centrally in a database, AKTIN works in a decentralised and federated manner. This means that

The data remains local to the emergency department/hospital.
Each hospital retains full control over its data.
The hospitals receive active participation in research, tools for quality management and data quality monitoring.
Researchers can submit data requests and carry out analyses.
Data protection and data security are built into the infrastructure, not downstream.

The technical architecture

Bienzeisler, J., Kombeiz, A., Ehrentreich, S. et al. Implementation report on pioneering federated data access for the German National Emergency Department Data Registry. npj Digit. Med. 8, 94 (2025). https://doi.org/10.1038/s41746-025-01481-w

The 4 steps of the AKTIN workflow

Emergency Departments routinely document their patients in their IT systems, e.g. :

When did the patient arrive?
Why did he/she come?
What treatment did he/she receive?
How long was he/she in the Emergency Departments?

This data is standardised according to the DIVI Emergency Departments data set- a uniform standard developed by the professional association DIVI e.V., which all participating Emergency Departments use to document emergency care.

The data is transferred from the hospital software to the local AKTIN data warehouse via an HL7-CDA interface (an international standard for medical data). In the future, this will also be possible with an HL7-FHIR interface.

Each Emergency Departments operates its own AKTIN data warehouse (DWH), which manages research requests and provides the required data after approval.

Important: The raw data ALWAYS remains local. They do not leave the clinic.

The data warehouse uses i2b2 technology - a proven, open platform used by leading medical centres worldwide.

Each clinic controls:

What data is stored
How long it remains stored
Who is authorised to access it

A researcher wants to answer a question, e.g: "How long do patients with headaches wait in Emergency Departments?"

This is what happens:

The researcher submits an application for data analysis to the Data Use and Access Committee (DUAC) after receiving advice from the AKTIN TDAC.

Scientific evaluation by the DUAC:
1. Is the research question ethically justifiable?
2. Is it scientifically valuable?
3. Are the principles of data minimisation and data protection complied with?
Translate into IT request: Once the request has been approved by the DUAC, it is converted into a technical request (SQL syntax)
Send to all clinics: The request is sent to the participating Emergency Departments via the AKTIN Broker
Check & approve locally: Each clinic decides individually whether it wants to contribute data to a request
Automatic or manual approval: If approved, the data is automatically extracted from the DWH and sent to the AKTIN Broker. The data is already processed in initial aggregation stages (e.g. formation of age groups) when it is queried in the clinic

The AKTIN Trusted Data Analytics Centre (TDAC) is a protected location for data analysis.

The results from all clinics are collated and analysed here:

The data from the individual clinics is quality-checked and further aggregated.
In the first step, the researcher receives a descriptive analysis, after which further analyses are carried out in accordance with the analysis plan.

Applicants NEVER receive raw data from individual patients. They only see aggregated results (e.g. "Average waiting time: 2.5 hours")

The principle of the "five safes"

AKTIN works according to the proven security principle of the "Five Safes", a combination of 5 levels of protection:

Safe Data

Only medically relevant information remains original.
Pseudonymisation: Directly identifying information (name, date of birth, address) is removed, internal clinic IDs are hashed.
Only anonymous results can leave the protected analysis centre (TDAC) - patient anonymity is preserved.

Safe People

Analyses are only released to members of public research institutions, participating clinics or medical-scientific societies.
User contracts are concluded.
Names and contact details of researchers are published.

Safe Projects

A detailed review and assessment of each research question is carried out by the AKTIN DUAC.
A justification and legitimisation is required for each variable queried.
Emergency Departments receive further information on the purpose of the enquiry and a list of the variables queried.

Safe settings (safe environment)

The analyses are only carried out in the AKTIN TDAC.
Restricted internet access & firewalls
Encrypted data transmission
Local authorisation in each Emergency Departments

Safe Outputs

Only aggregated and anonymous results are issued. Individual case information is never provided.
Check for possible re-identification
Documentation of all data flows

Source: Bienzeisler, J., Kombeiz, A., Ehrentreich, S.et al.Implementation report on pioneering federated data access for the German National Emergency Department Data Registry.npj Digit. Med. 8, 94 (2025). https://doi.org/10.1038/s41746-025-01481-w