In healthcare a lot of data are generated that in turn will have to be accessed from several departments of a hospital. The information kept within the information system of a hospital includes sensitive personal data that reveal the most intimate aspects of an individual’s life. Therefore, it is extremely important to regard data protection laws, privacy regulations, and other security requirements. When designing information systems for healthcare purposes, it is an imperative to implement appropriate access control mechanisms and other safeguards. Furthermore, a tendency to use the Internet as a communications media can be observed. As the Internet is an insecure transmission media, the security requirements that must be met by the overall system are high.