In this paper, we explore how techno-legal configurations shape the evolution of an information infrastructure (II) by focusing on data as its critical components. We define techno-legal configurations as assemblages, which are technologically determined by the functionalities for data storage, processing, sharing and usage, and legally determined by the basis for data processing, such as consent, data-processing agreements or laws. To study II’s evolution we conduct an 11-year study of a regional II in Norway as electronic patient record data and patient-generated healthcare data were shared within and across hospital organizations. We show how the considerations of data as internal and external to organizations are continuously renegotiated across techno-legal configurations, which we define as harmonized space and disparate space. We contribute to the II literature by raising the importance of the law in shaping the boundaries across which data can be produced, shared and used
