The special relationship of trust that needs to exist between a patient and his or her physician has been recognized since the origins of the profession, and the need for doctors to keep confidential any information disclosed to them is codified in the Hippocratic Oath. A distinctive feature of the health records which arises from this relationship is the intimate nature of the information that they may contain; consequently, it is vitally important to maintain the confidentiality of the records and to protect the privacy of the patients. Privacy has long been recognized as a fundamental right in most western societies (Westin, 2003), and unless a patient can be sure that personal information will not be distributed against his or her wishes, the patient may be reluctant to disclose information that may in fact be crucial to his or her correct treatment (Ford, Bearman, & Moody, 1999; NZHIS, 1995), or he or she may refrain from seeking treatment (Sankar, Moran, Merz, & Jones, 2003). This is particularly true when health records contain sensitive information concerning issues like drug and alcohol problems, sexual behavior, mental health, or a genetic predisposition towards certain diseases. In such circumstances, the consequences of the inappropriate release of information could be extensive and might impact on many aspects of a person’s life, such as the ability to gain employment, to maintain a marriage, or to obtain loans or life insurance (Chadwick, 1999; Woodward, 1995).