Computer and communication security technologies have traditionally been regarded as something required only by governments, and treated as munitions for the purposes of export control. It is certainly true that diplomatic and military superiority depends to a great extent upon the ability to protect information. At the same time, we have come to realize that the security of a society depends in large part on its ability to maintain a high standard of living, and business is realizing more and more that this means protecting their information. Unfortunately, the defense establishment is loathe to allow widespread deployment of security technologies, for fear that they will fall into the hands of our military adversaries. The resulting tension serves to inhibit the development of technology for protecting medical information. This is particularly true in the case of cryptography, where there is very little expertise that the private sector can draw upon to secure their data. Moreover, there is currently no effective support structure for research into information security methods to meet the needs of the private sector.