This chapter discusses key legal issues raised by the contemporary trend to managing and sharing patient information via electronic health records (EHR). Concepts of privacy, confidentiality, consent, and security are defined and considered in the context of EHR initiatives in Canada, the United Kingdom, and Australia. This chapter explores whether patients have the right to withhold consent to the collection and sharing of their personal information via EHRs. It discusses opt-in and opt-out models for participation in EHRs and concludes that presumed consent for EHR participation will ensure more rapid and complete implementation, but at the cost of some personal choice for patients. The reduction in patient control over personal information ought to be augmented with strong security protections to minimize risks of unauthorized access to EHRs and fulfill legal and ethical obligations to safeguard patient information.