Today, the healthcare sector is driven by the need to reduce costs while simultaneously increasing the service quality for patients. This goal can be reached by the implementation of an EHR (Electronic Health Record) system. Several architectures have been proposed, but lack appropriate security mechanisms to protect the patients’ privacy. In this publication we outline our approach PIPE (Pseudonymization of Information for Privacy in e-Health), which is applicable for the primary and secondary usage of health data and give insights on the security of our technique. Further we state the economic constraints, by proposing a threshold scheme to secure the tokens needed for accessing the system.