Adoption of Personal Health Record (PHR) applications has been slow due to consumers' concerns in security, privacy and trust, and the challenges in interoperability and integration with other Electronic Medical Record (EMR) systems. This paper proposes the design for a secure interoperable cloud-based PHR service. To enhance the portability and interoperability, we use the Continuity of Care Document (CCD) for both storing and exchanging the PHR information for an individual. To provide self-protecting security for each CCD instance, we apply a broad spectrum of security mechanisms - including access control, encryption, and digital signature - in an integrated, embedded, and fine-grained manner, based on open standards such as eXtensible Access Control Markup Language, XML Encryption, XML Signature, and XML Key Management Specification. To support patient-controlled encryption and privacy-preserving keyword search, we use ciphertext-policy attribute-based encryption and public-key encryption with keyword search schemes, again in an integrated, embedded, and fine-grained manner.