Abstract: Embodiments of a secure method to access a de-identified database on a website are described. A dual-portal web-based system is implemented that provides healthcare related information to healthcare users through a first website, and registry/management tools to care providers through a second website. No identifiable fields relating to the user are stored or accessible in the database of the first website. All user information is de-identified by total exclusion from the database. A re-identification process allows an authorized care provider view his or her clients in combination with registered personal information from the system. An alliance-based identification (ABID) key is used to index both the individually identifiable information and the personal health data/information that are stored in separate databases. A token generation process generates tokens that allow different ABID keys to be generated for use with different care providers through a single user account.