PRIVATE.ME PLATFORM

xRecord: EHR Interoperability

XorIDA splits electronic health records across multiple providers. No single provider holds a complete record. Patient consent validated before every operation.

Healthcare / EHR COMING SOON XorIDA Powered

Section 01

The Problem

Electronic health records are locked in vendor silos. Sharing across providers requires full record exposure. HIPAA compliance adds friction to every data exchange.

Patients who see specialists across multiple health systems have their records fragmented. When records need to be shared for care coordination, the current model requires transmitting the complete patient record to the receiving provider. This creates copies of sensitive data at every care site, multiplying breach exposure.

HIPAA's minimum necessary standard requires sharing only the data needed for treatment, but technical systems make it easier to share everything than to filter. The result is over-sharing that violates regulatory intent and creates liability.

The Old Way

Section 02

The PRIVATE.ME Solution

XorIDA splits EHR data across multiple providers. No single provider holds a complete patient record. Patient consent is validated before every reconstruction.

Each patient's record is split into N shares distributed across participating healthcare providers. Care coordination proceeds by reconstructing only the minimum necessary data at the point of care, with the patient's real-time consent. After the care event, the reconstructed data is discarded.

This model transforms EHR interoperability from "copy everything to everyone" to "reconstruct only what's needed, when it's needed, with consent."

The New Way

Section 03

How It Works

A consent-driven pipeline ensures patient records are only reconstructed at the point of care, with minimum necessary data, and discarded after use.

Key Security Properties

Minimum necessary: Only the data needed for the care event is reconstructed. Consent-gated: Patient consent validated in real time before every reconstruction. Ephemeral access: Reconstructed data is discarded after the care event completes.

Section 04

Use Cases

🏥

Multi-Hospital

Multi-Hospital Care Coordination

Enable care coordination across hospital networks without copying complete records to every facility. Each hospital holds shares, not complete charts.

Care Networks

📋

Patient Portability

Patient Record Portability

Patients moving between health systems carry consent tokens, not records. Records are reconstructed at the new provider from distributed shares on demand.

Patient-Centered

🔗

HIE Networks

Clinical Data Exchange

Health Information Exchanges can operate without centralized data stores. Shares distributed across participating institutions, reconstructed only for authorized queries.

Interoperability

🔬

Research

Research Data Networks

Clinical research networks access de-identified record shares for studies. Individual patient records never leave their home institution in reconstructable form.

Clinical Research

Section 05

Integration

Quick Start

import { splitRecord, coordinateCare } from '@private.me/xrecord';

// Split EHR across 3 providers (2-of-3 threshold)
const shares = await splitRecord(ehrPayload, {
  providers: ['hospital-a', 'hospital-b', 'specialist'],
  n: 3,
  k: 2
});

// Coordinate care with consent-gated reconstruction
const record = await coordinateCare({
  consentToken: patientConsent,
  providers: ['hospital-a', 'specialist']
});

splitRecord(ehr: EHRPayload, providers: string[], config: { n: number, k: number }): Promise<HealthShare[]>

Splits an electronic health record into N shares distributed across specified healthcare providers with K-of-N threshold reconstruction. Consent validation enforced before every operation. Supports HL7 FHIR and C-CDA formats.

Section 06

Security Properties

Property	Mechanism	Guarantee
Minimum Necessary	Selective field reconstruction	Only needed data surfaces at point of care
Consent Enforcement	Real-time consent token validation	Every reconstruction requires patient authorization
Tamper Detection	Per-share HMAC-SHA256	Any modification detected before reconstruction
Quantum Resistance	Information-theoretic security (GF(2))	No computational assumption to break
HIPAA Alignment	Threshold-based access model	No single provider holds complete records

<1ms

Typical payload

K-of-N

Configurable threshold

0 bytes

Exposed per breach

FHIR

Standard compatible

VERIFIED BY XPROVE

Verifiable Data Protection

Every operation in this ACI produces a verifiable audit trail via xProve. HMAC-chained integrity proofs let auditors confirm that data was split, stored, and reconstructed correctly — without accessing the data itself.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. xProve chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Upgrade to zero-knowledge proofs when regulators or counterparties need public verification.

Read the xProve white paper →

GET STARTED

Ready to deploy xRecord?

Talk to Ren, our AI sales engineer, or book a live demo with our team.

Book a Demo

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

xRecord generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF

Download proofs:

Tier 1 HMAC (~0.7KB)
Tier 2 Commit-Reveal (~0.5KB)
Tier 3 IT-MAC (~0.3KB)
Tier 4 KKW ZK (~0.4KB)

Verify proofs online →

Use Cases

🏛️

REGULATORY

FDA / SEC Submissions

Prove algorithm correctness for distributed systems without exposing trade secrets or IP.

Zero IP Exposure

🏦

FINANCIAL

Audit Without Access

External auditors verify secure operations without accessing source code or production systems.

FINRA / SOX Compliant

🛡️

DEFENSE

Classified Verification

Security clearance holders verify distributed systems correctness without clearance for source code.

CMMC / NIST Ready

🏢

ENTERPRISE

Procurement Due Diligence

Prove security + correctness during RFP evaluation without NDA or code escrow.

No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/xrecord
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While xRecord is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →