Time. As technology evolves, application software typically becomes obsolete. On the server-side MyPHRMachines prevents deprecation problems by virtualizing execution environments holistically. The software to create the idealized environments on contemporary hard- and software is maintained by big vendors [9], regardless of the MyPHRMachines-specific extensions. On the client-side, MyPHRMachines does rely on contemporary web technologies, but only to realize a generic remote desktop client. Hence, also client software maintenance is decoupled from the number and complexity of PHR software services.
PHR systems typically offer functionality to share, visualize, and analyze PHR data [10]. myPHRMachines also enables its users to share software to work with the health-related data, keeping data and software clearly separated in the system architecture. Having separate data and functionality also allows a finer grained delegation of access to different stakeholders. Specifically, MyPHRMachines allows patients to selectively reveal health information to other stakeholders and it guarantees that, once shared with a stakeholder, health information cannot be improperly stored. First of all, the software specialists deploying third party PHR services to MyPHRMachines never get access to patient data; secondly, even those whom have been given access to patients’ remote VM sessions cannot use or store the data/software beyond the time frame that is offered by the session owner (i.e., a patient or his or her guardian). Currently available PHR systems do
offer selective delegation mechanisms, but pose fundamental privacy threats in this context. Examples of typical threats
characterizing currently available PHR systems are discussed later while reviewing related work.