Eighteen of nineteen countries reported that there are multiple authorities in custody of key national databases for population health and health care monitoring and research. Data custodians in all countries reported significant efforts to protect data. Nonetheless there is variation across data custodians in challenging areas of data security including practices to de-identify data to protect patient privacy so that the data can be used for monitoring and research; and provision of safe mechanisms so that researchers from other government ministries or from academia could access and use data. Some custodians manage risk by refusing data access while others would consider providing access to identifiable patient-level data. Several data custodians noted that fulfilling all the responsibilities associated with data protection is expensive and there are cost pressures. A few countries provide interesting examples of centralising the difficult tasks of linking data, de-identifying data and approving and supervising access to data that have the potential to standardise practices and be more efficient. The sharing of person-level data across borders for international comparisons is rarely reported and there were few examples of data linkages for multi-country comparative studies.This chapter presents country experiences in the de-identification of data to protect the privacy of individuals; the development of secure facilities for access to data with high re-identification risk; project approval processes for data linkage projects; data security within public authorities holding data and when public authorities provide data to external researchers; and governance of multi-country studies involving personal health data.