- DRM promises to provide that any object that is protected by DRM will be protected all the way to the ultimate use, and thus be protected against any uses in the middle or secondary uses beyond the intended use.
- DRM promises to give the Patient a strong expressive policy language that allows the patient to indicate the appropriate uses and the obligations around those appropriate uses (such as must now save a copy, or can't print).
- DRM promises that if the Patient changes their mind, these changes can be retroactively applied to all copies of the object. This is because all accesses to the object must be mediated by the Rights Authority.
- I am sure there are others
- This model requires a SINGLE Rights Management authority that 'knows all'.
- This Single Right Management authority is a single-point-of-failure
- This Single Rights Management authority understands only ONE authority
- Where in healthcare there is arguably equal rights between the Patient who the data is about, and the Doctor who created the data and is held medically responsible for the accuracy
- This Single Rights Management authority is today - Proprietary
- Yes, there are standards for the envelop policy
- Yes, they use standards based encryption
- But the Key-Management and the method used to unlock the data is proprietary
- Where DRM has been used, it has been cracked within HOURS
Bruce Schneier has written about the futility of digital copy prevention and says it's an impossible task. He says "What the entertainment industry is trying to do is to use technology to contradict that natural law. They want a practical way to make copying hard enough to save their existing business. But they are doomed to fail." He has also described trying to make digital files uncopyable as being like "trying to make water not wet". The creators of StarForce also take this stance, stating that "The purpose of copy protection is not making the game uncrackable - it is impossible." 
Both the Association for Computing Machinery and the Institute of Electrical and Electronics Engineers have historically opposed DRM, even going so far as to name AACS as a technology "most likely to fail" in an issue of IEEE Spectrum.
My Second observation is that any good Security Model will separate the Security Layer from the Content. Indeed this is what IHE has done in the profiling of the Web-Services "Security" layers in the IHE-ATNA + IHE-XUA; as independent from the Query and Metadata layer in XDS, XDR, XDM, XCA, XCPD, PIX, PDQ; and the Content Layers in all the various Document Content profiles such as XPHR, XDS-MS, XDS-SD, etc.