
Software for a drug (testing) lab

Name: Anonymous 2013-02-04 0:11

So a local, moderately sized drug testing lab wants a new system for managing the data for all the junkies around here. They are very big on privacy and scared of lawsuits, so they plan to have everything encrypted because of some medical laws or something idunno. The requirements (summarized) are as follows:

      1. Data must not be decryptable by any person without a manager's approval.

      2. Data must be immediately delivered in an automated fashion to the proper authorities upon request.

      3. Data must be completely anonymized after the report is delivered to the requesting entity.

      4. Data must be usable by the courts and contain all information that may be useful to law enforcement.


So, my question is, how can I make two mutually exclusive things happen at once? I browsed over my worn copy of SICP but couldn't find anything. Do I need a quantum computer maybe (I hear those work on magic)? Please lend me your wisdom.

Name: Anonymous 2013-02-04 0:34

>>4
Okay, how about this:
- Employer X asks for drug testing for employee Y.
- You ask employer X to create a public keypair if they're a first time user.  Don't reinvent the wheel, just use GPG.
- You make a nice web interface for employer X to access the current case file so they can submit info about employee Y and schedule appointments and whatnot.
- All information about employee Y is encrypted with a specific transient key T that is held in secure erasable storage.
- Employee Y pisses in a jar and hands it to your agency for tasting.
- Results are stored in employee Y's case file encrypted with the aforementioned transient key.
- Once the employer X is done collecting info about employee Y, you make a zip archive of all data about employee Y that you are allowed to give to the employer X (i.e. you can't hand X over the prescriptions Y is taking since it's none of X's fucking business) and you encrypt it with the employer's public key, and you send it over to X.
- You destroy transient key T.  From that point on, it is no longer your problem if law enforcement wants to violate Y's privacy without even getting a proper warrant to enquire as to the proceedings; they can't bug you because you can't even read the damn data, so you can just kindly redirect them to employer X, who is the only one who can read it.
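The transient-key scheme from the post above, as an added example that is not part of the thread (Go, standard library only). The per-employer GPG step is left to gpg as the poster suggests, so Deliver returns the plaintext bundle you would feed to gpg for employer X; the field names and the choice of AES-256-GCM for the transient key T are my own assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

func newKey() []byte { k := make([]byte, 32); rand.Read(k); return k }

// seal/open: AES-256-GCM with a random 12-byte nonce prefixed to the ciphertext.
func seal(key, pt []byte) []byte {
	b, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(b)
	nonce := make([]byte, 12)
	rand.Read(nonce)
	return g.Seal(nonce, nonce, pt, nil)
}

func open(key, ct []byte) ([]byte, error) {
	if len(key) != 32 || len(ct) < 12 { // key wiped (T destroyed) or truncated input
		return nil, errors.New("unreadable: key destroyed or ciphertext truncated")
	}
	b, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(b)
	return g.Open(nil, ct[:12], ct[12:], nil)
}

// CaseFile: every record about employee Y is sealed under transient key T.
type CaseFile struct {
	T       []byte            // transient key T; nil once destroyed
	Records map[string][]byte // field name -> sealed record
}

func NewCaseFile() *CaseFile { return &CaseFile{T: newKey(), Records: map[string][]byte{}} }
func (c *CaseFile) Store(field, v string) { c.Records[field] = seal(c.T, []byte(v)) }

// Deliver returns the plaintext bundle of only the fields X may see (what you then
// gpg-encrypt to X's key) and destroys T: nobody at the lab can read Y's file after this.
func (c *CaseFile) Deliver(allowed []string) ([]byte, error) {
	var out []byte
	for _, f := range allowed {
		v, err := open(c.T, c.Records[f])
		if err != nil {
			return nil, err
		}
		out = append(out, f+"="+string(v)+"\n"...)
	}
	for i := range c.T { c.T[i] = 0 } // wipe T in memory before dropping the reference
	c.T = nil
	return out, nil
}
```

The sealed records stay on disk after delivery, but with T gone they are just noise to the lab and to anyone who seizes its storage.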
