Microsoft study: EHR databases can leak personal data