Purpose The purpose of this paper is to review current practice in sharing and mining medical data revealing benefits, costs and ethical issues. Based on stakeholder perspectives and values, the authors create an ethical code to regulate the sharing and mining of medical information. Design/methodology/approach The framework is based on a review of academic, practitioner and legal research. Findings Owing to the inability of current safeguards to protect consumers from risks related to the disclosure of medical information, the authors develop a framework for ethical sharing and mining of medical data, security, transparency, respect, accountability, community and quality, which espouses security, transparency, respect, accountability, community and quality as the basic tenets of ethical data sharing and mining practice. Research limitations/implications The STRACQ framework is an original, previously unpublished contribution that will require modification over time based on discussion and debate within and among the academy, medical community and public policymakers. Social implications The framework for sharing borrows from the Fair Credit Reporting Act, allowing the collection and dissemination of identified medical data but placing strict limitations on use. Following this framework, benefits of shared and mined medical data are freely available with appropriate safeguards for consumer privacy. Originality/value Mandates for adoption of electronic health-care records require an understanding of medical data mining. This paper presents a review of data mining techniques and reasons for engaging in the practice of identifying benefits, costs and ethical issues. The authors create an original framework, STRACQ, for ethical sharing and mining of medical information, allowing knowledge exploration while protecting consumer privacy.