Purpose/Significance Based on the typical use scenario of sensitive personal information in medical and health institutions, the implementation of the secure use of sensitive personal information is explored.Method/Process For user registration, internal utilization and interaction, medical device/wearable device collection and information disclosure and other scenarios, the paper analyzes the risk of sensitive personal information leakage, explores the application scenarios, advantages and disadvantages of various technical means such as identity authentication, access control, data encryption, data desensitization and detection audit.Result/Conclusion The application of technical means can assist medical and health institutions to further protect the security of patients’ personal information.