Fig. (1) The PWPHN Steering entity delegates authority to regions and sub-regions down to the level of the healthcare provider (e.g. hospital). Policy propagation occurs down to the security server policy generator that authenticates and authorizes health workers reading and writing on EHRs based on user-role, dataset, and user-location hierarchy employing a three-dimensional access matrix to define final user permissions (see text for details). Healthcare actors interact with the local EHR. The healthcare provider provides storage (at least equal in size to the local EHR requirements) for cloud usage. In exchange, the local EHR data is archived to the P2P cloud. Some of this can remain private and specific to the healthcare provider, but most becomes part of the PWPHN EHR and available to other healthcare providers planet-wide.