Digitized, networked healthcare promises earlier detection, precision therapeutics, and continuous care; yet, it also expands the surface for privacy loss and compliance risk. We argue for a shift from siloed, application-specific protections to privacy-by-design at scale, centered on decision-theoretic differential privacy (DP) across the full healthcare data lifecycle; network-aware privacy accounting for interdependence in people, sensors, and organizations; and compliance-as-code tooling that lets health systems share evidence while demonstrating regulatory due care. We synthesize the privacy-enhancing technology (PET) landscape in health (federated analytics, DP, cryptographic computation), identify practice gaps, and outline a deployable agenda involving privacy-budget ledgers, a control plane to coordinate PET components across sites, shared testbeds, and PET literacy, to make lawful, trustworthy sharing the default. We illustrate with use cases (multi-site trials, genomics, disease surveillance, mHealth) and highlight distributed inference as a workhorse for multi-institution learning under explicit privacy budgets.
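The privacy-budget ledger named in the agenda above is the piece most easily made concrete. The following is an added illustration, not code from the paper or any system it describes: a minimal ledger that records every differentially private release with its site and query label, charges the budget before the release happens (so a refused query leaks nothing), and refuses releases that would overspend. It assumes basic sequential composition (epsilons simply add), the Laplace mechanism for a count query (sensitivity 1, noise scale 1/epsilon), and constructed sample records; the class and function names are hypothetical.

```python
"""Added example: a per-site differential-privacy budget ledger.

Assumptions (not from the paper): basic sequential composition, so the
epsilon of each release is added to a running total; the Laplace mechanism
for counting queries. Tighter accountants (advanced or Renyi composition)
would replace `spent` with a different accounting rule but keep the same
charge-before-release discipline.
"""
from dataclasses import dataclass, field
import random


class BudgetExceeded(Exception):
    """Raised when a release would push the ledger past its total epsilon."""


@dataclass
class LedgerEntry:
    site: str      # which institution asked
    query: str     # human-readable label for audit
    epsilon: float # privacy cost charged for this release


@dataclass
class PrivacyLedger:
    total_epsilon: float
    entries: list = field(default_factory=list)

    @property
    def spent(self) -> float:
        # Basic composition: costs of all releases add up.
        return sum(e.epsilon for e in self.entries)

    @property
    def remaining(self) -> float:
        return self.total_epsilon - self.spent

    def can_afford(self, epsilon: float) -> bool:
        # Small tolerance so that exactly exhausting the budget is allowed.
        return epsilon > 0 and self.spent + epsilon <= self.total_epsilon + 1e-12

    def charge(self, site: str, query: str, epsilon: float) -> LedgerEntry:
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if not self.can_afford(epsilon):
            raise BudgetExceeded(
                f"{site}/{query}: needs {epsilon}, only {self.remaining:.3f} left"
            )
        entry = LedgerEntry(site, query, epsilon)
        self.entries.append(entry)
        return entry


def laplace_noise(scale: float, rng: random.Random) -> float:
    # Laplace(0, scale) is the difference of two exponentials with mean `scale`.
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def dp_count(records, predicate, epsilon, site, query, ledger, rng):
    """Release a noisy count. A count has sensitivity 1 (adding or removing
    one record changes it by at most 1), so Laplace noise with scale
    1/epsilon gives epsilon-DP. The ledger is charged first: if the budget
    is exhausted, no statistic is computed or returned."""
    ledger.charge(site, query, epsilon)
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon, rng)


# Constructed sample data (not real patients): 8 records, 3 flagged diabetic.
SAMPLE_RECORDS = [
    {"id": i, "diabetic": i in (1, 4, 6)} for i in range(8)
]


def demo(seed: int = 7):
    """Two sites share one budget of epsilon = 1.0; the third query is refused."""
    rng = random.Random(seed)
    ledger = PrivacyLedger(total_epsilon=1.0)
    releases = []
    releases.append(dp_count(SAMPLE_RECORDS, lambda r: r["diabetic"],
                             0.5, "site-a", "diabetic_count", ledger, rng))
    releases.append(dp_count(SAMPLE_RECORDS, lambda r: not r["diabetic"],
                             0.5, "site-b", "non_diabetic_count", ledger, rng))
    refused = not ledger.can_afford(0.1)  # budget is now exhausted
    return ledger, releases, refused


if __name__ == "__main__":
    ledger, releases, refused = demo()
    for e in ledger.entries:
        print(f"{e.site:8} {e.query:20} eps={e.epsilon}")
    print("releases:", [round(v, 2) for v in releases], "refused third query:", refused)
```

The two design choices worth copying are that the ledger is charged before any statistic is computed, and that every entry carries provenance (site and query label), which is what a compliance-as-code check would later read to show that each release stayed within the agreed budget.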