There exist several privacy frameworks for cancer research or biobanking (e.g. ACGT, GenoMatch, caBIG). But most existing privacy frameworks apply the most stringent approach to their data flow and interpret “anonymisation” in a restrictive way. A more flexible approach is needed to guarantee privacy of patient data, but at the same time enable unhindered research. We developed an easy model to display policies and rules for data privacy; it employs the novel concept of "privacy zones for research data flows". The zone model can be used for all important research scenarios. The Privacy Zone Model is built upon the concept of three zones (Care Zone, Non-care Zone and Research Zone) habouring databases, data transformation operators, such as data linkers and privacy filters. Using our model, a risk gradient for moving data from a zone of high risk for patient identification to a zone of low risk can be created for each data flow.