A survey was conducted in the year 1994 among medical school hospitals in Japan to know whether there are some written rules or regulations about the use of medical information, and whether they are well matched both to secure patient's privacy and to promote the adequate use of the information. A questionnaire was mailed to 80 medical school hospitals in Japan and 65 of them responded. Besides copies of rules, questioners were also requested for detailed investigation. Twenty nine hospitals responded to our request. The security implementation issues in Japan will be discussed using data thus obtained.