As the new human genetics continues its dramatic expansion into many laboratories and medical institutions, the concern for the protection of the personal privacy of individuals who participate increases. It seems that even the smallest of laboratories must confront the issue of how to protect the genetic and phenotypic information of participants in their research. Some have promoted the use of anonymity as a way out of this dilemma. But we are reminded by others that the future cannot be predicted, and that future benefits may be lost when the links to these benevolent volunteers are gone forever. More recently, some ethical bodies have suggested, without specific recommendations, that a reversible third-party encryption system may be a solution to this problem. However, they have not provided a route or even examples of how to proceed. We present here the Icelandic approach to this issue by developing a third-party encryption system in direct collaboration with the Data Protection Commission (DPC) of Iceland. We have incorporated the encryption system within our sample collection and storage software, which minimises inconvenience but enhances security. The strategy assures a barrier between the laboratory and the outside world that can only be crossed by the DPC.