The cloud is by nature opaque [7] and therefore may pose additional data security threats. The encryption of healthrelated
data is a particularly relevant topic in the design of 2http://www.peoplechart.com electronic health records [33]. Given that the number and type of care institutions with which health data will be shared is not likely to be known a priori, the literature suggests to use attribute base encryption (ABE) as the main encryption primitive for sharing EHR data [34]. In ABE access policies are expressed based on sets of attributes of users, rather than on the unique identity of users. This allows patients to selectively share their PHR data in a secure way to a set of users without the need to know their complete identity. A characterization of ABE encryption in the context of PHRs has been proposed in [34], whereas the implementation of ABE encryption in the PHR Indivo X is proposed by [35]. We consider ABE encryption a solution that should complement the current implementation of MyPHRMachines. In this paper, in fact, we are brief about such generic security techniques to enable a deeper discussion of the unique privacy protection mechanisms that are offered by MyPHRMachines.