Data from personal health devices is expected to be an important part of personalized care in future, but communication frameworks for such data create new challenges for security and privacy. Continua Health Alliance has been very active and successful in defining guidelines and a reference architecture for transmitting personal health device data based on well-known international standards. But looking at the security definitions, the concepts are still facing open issues and weaknesses like identity management or missing end-2end (E2E) encryption. This paper presents an approach for an E2E encryption framework based on Continua's reference architecture and the underlying base standards. It introduces the basic process and proposes necessary extensions to the architecture as well as to the standardized protocols of ISO/IEEE 11073 and HL7 version 2.