In this paper, security in health information systems is put into perspective. The further penetration of information technology into health care is discussed and it is concluded that information systems have already become a vital component, not only for the logistics of the health care institution but also for the rendering of care and cure. Health care depends heavily on adequate data, so availability and integrity are equally important. In view of the sensitive nature of many patient data, the importance of confidentiality was recognised long before computers were invented. For widespread use of IT in health care it is of vital importance that computers can be trusted in respect of confidentiality. This paper emphasises the need to pay attention to security and suggests a responsible approach with implementation of both technical and organisational measures.