Sorry for the delay in replying to this.
Overall, there is no reason why something like this could not be implemented on the current HAT - at the end of the day, such an approach would merely use any online system as plain storage that accepts encrypted data.
More generally, such an approach would still need to have the software that handles unencrypted data running somewhere and, more importantly, reachable at all times, both to be able to receive data from various sources and to participate in the outbound data flow in re-encrypting the data for each data debit client (to my knowledge, an approach where a piece of encrypted data can be decrypted with multiple different keys does not exist, so it needs to be encrypted for each key of a data debit client). For a mobile device, that would be a lot of traffic.
Still another alternative would be to design an approach where data gets routed directly to data debits at the time of arrival; however, that prevents all but the most trivial contextualisation and does not allow for historical data access.
You could also note that the HAT can in fact run on the client side (e.g. a Raspberry Pi at their home), using Dropbox or another cloud storage solution for data backup by using a directory there for the HAT database storage, encrypted.
Your idea seems interesting, however, and I'm sure the community would love to see a detailed architecture and description of how that could work in real life!