Hardware-based attestation of the running software is an important security feature, especially in a world where data leaks and identity theft are rampant. Let's say I'm a healthcare provider, and I'm about to send sensitive medical data to a third party vendor. Wouldn't you prefer that this data only be able to be decrypted by a computer that can prove to the world it booted a clean OS image with all the latest security patches installed?
If the vendor wants to install some self-built OS that they trust on their computer and not update it for 5 years, that's their business, but I may not want to trust their computer to have access to my personal data.
Remote attestation gives more control to the owners of data to dictate how that data is processed on third-party machines (or even their own machines that may have been compromised). This is useful for more than just DRM.
Let's say I'd like mandatory disclosure on shenanigans like that, so I can avoid this healthcare provider.
Quick edit to answer my own question: In my home state paper prescriptions are only legal in a few situations (if it's for an animal, glasses, justifiable emergencies). However in some parts of the country they're still possible. Even if I had a choice, I prefer the convenience of sending the data digitally- once you actual fill the paper prescription CVS or whoever is still gonna be able to glean sensitive medical info, so you're just delaying the inevitable.
And in fact, if your provider is doing ePrescribing, odds are they are contributing to supporting a Monopoly by SureScriots who has cornered the market emwith anti-competitive business practices!
DEA still issues serialized paper prescription pads.
https://www.ftc.gov/news-events/news/press-releases/2019/04/...
Everytime an ePrescription goes over the wire, this one weird company based out of Virginia is likely shotgunning your personal info as collected by PBM's/health insurers between all parties involved, (with the obligatory copy for themselves, probably "anonymized and repackaged for monetizable exposure to research groups), and in the contractual terms requiring that people in the network not make arrangements with anyone else for the service.
As a common victim of the perniciousness of this arrangement. I'm more than familiar with how this nonsense goes.