Internet-based health data exchange, which is particularly useful for the management of cooperative health care and life time heath care records, requires the use of a common format to allow access to heterogeneous reservoirs scattered at different hospitals, as well as protection from intrusion and piracy. However, the unified management of multiple reservoirs is difficult to achieve, due to the different policies operated by different hospitals and the heterogeneous format of their information reservoirs. In this paper, we propose a multi-agent based secure architecture which can be used to retrieve healthcare information in a common format through the internet from multiple heterogeneous reservoirs. The proposed system is organized in the form of a 4-tier architecture, consisting of the client application, access control central agent, local access control agent and hospital information system, involving distributed processing with multiple matching agents connected to heterogeneous reservoirs and one flexible master controller to unify the different formats and different hospital policies, thus providing a secure common format and simplifying the problem of reservoir maintenance, including the addition, removal and modification of reservoirs. The combination of XML and RABC provides an efficient means of reservoir management, allowing for access control, a common format for information exchange, device independent display for diverse display resolutions of terminal devices, user identification for authentication, digital signature for data integrity, and selective encryption for protecting confidential health information.