Separation of different types of personal data has been introduced as an effective measure to improve data protection in the context of medical research. In particular, research associated with human biomaterials requires not only secure technologies but also trustworthy processing of personal data on a need-to-know basis. Web-based information systems make use of a technological infrastructure that is well suited to distributed data repositories and remote processing systems. This approach was successfully applied to develop an information system supporting acquisition, processing and storage of remnant biomaterial from surgical treatment, as well as its allocation to research projects. In order to enhance data protection, the contents of the originally unified database were divided into identification data and medical data. A web application was created for each part and appropriate functionality to maintain and access corresponding data was developed. It is concluded that a distribution of biobanking data across separate databases can be achieved if workflows and staff roles are redesigned accordingly.