We propose a solution that provides protection for patients' electronic health/medical records disseminated among different authorized healthcare information systems. The solution is known as Active Bundles using a Trusted Third Party (ABTTP). It is based on the use of trusted third parties, and the construct named active bundles. The latter keep electronic health/medical records as sensitive data; include metadata with information describing sensitive data and prescribing their use; and encompass a virtual machine (VM), which controls and manages how its active bundle behaves. An essential task of the VM is enforcement of the privacy and other policies specified by metadata. We also propose enhancements to the ABTTP scheme. They include adding to ABTTP an algorithm finding the degree of privacy policy inclusion between two privacy policies, and a scheme, known as Agent-Based Active Bundles, which replaces trusted third parties with intelligent agents
