Today, the health care sector is driven by the need to reduce costs while simultaneously increasing the service quality for patients. One major aspect to reach this goal is the implementation of an EHR (Electronic Health Record) system which also supports the execution of medical standard processes. Nevertheless, these nation-wide medical storages are a promising goal for attackers. Thus, people are naturally concerned about their privacy. These concerns and the lack of existing approaches to provide a sufficient level of security raise the need for a system that guarantees data privacy and keeps the access to health data under strict control of the patient.

In this thesis we discuss our approach PIPE (Pseudonymization of Information for Privacy in e-Health), which differs from existing approaches in its ability to securely integrate primary and secondary usage of health data. First of all, we elaborate on existing methods, principles and techniques in the fields of security and privacy. Afterwards, we work out necessary cornerstones of secure EHR systems. Finally, we show how PIPE provides solutions to shortcomings of existing approaches.

PIPE may be used as a basis for implementing secure EHR architectures or as an extension to existing systems.