Insert diagram of security & privacy features
Explain: using a different UIN in each subsystem - no direct/easy links between the records in different subsystems
To be completed
