Medical facilities, (e.g., hospitals), are increasingly using cloud-based software solutions. These software solutions require sensitive medical patient data to be uploaded into a data center. The upload is performed by a special upload software. The upload software uploads the patient data without anonymization to the data center. The hospital therefore performs an anonymization prior to the actual upload, in order to observe the respective data protection provisions. This procedure is prone to error, time-intensive, and difficult to control. In particular, country-specific data protection provisions apply in different countries. Moreover, it is not possible to provide that the uploaded patient data may be processed in the cloud.