A popular medium for data publishing and sharing on the Web. Modern enterprises across all spectra are moving towards a service-oriented architecture by putting their databases behind Web services, thereby providing a well-documented, platform independent and interoperable method of interacting with their data. This new type of services is known as DaaS (Data-as-a-Service) services where services correspond to calls over the data sources. DaaS sits between services-based applications (i.e. SOA-based business process) and an enterprise’s heterogeneous data sources. Privacy relates to numerous domains of life and has raised particular concerns in the medical field, where personal data, increasingly being released for research, can be or have been, subject to several abuses, compromising the privacy of individuals. The result of the composition process is a composition plan which consists of DaaS that must be executed in a particular order depending on their access patterns (i.e., the ordering of their input and output parameters). The Q can be answered by composing the following services S1.1 • S4.1 • S2.2 • S3.1 • S5.1. It means that S1.1 firstly is invoked with H1N1, then for each obtained patient, S4.1 is invoked to obtain their DNA, S2.2 and S3.1 to obtain date−of−birth, zip−code and salary of obtained patients. Finally, S5.1 is invoked with the patients’zip−code to get information about the weather−conditions. a dynamic privacy model for Web services. The model deals with privacy at the data and operation levels. A negotiation approach to tackle the incompatibilities between privacy policies and requirements. Although privacy cannot be carelessly negotiated as typical data, it is still possible to negotiate a part of privacy policy for specific purposes. privacy policies always reflect the usage of private data as specified or agreed upon by service providers.