Security refers directly to the protection and in particular to the means used to protect the confidentiality of health information and to assist professionals in the confidential recording of such information. The concept of security has long been applied to paper health records; Locked workbooks are a simple example. As the use of electronic health record systems increased and the transfer of health data in support of billing became the norm, the need for regulatory guidelines specifically for electronic health information became more evident. The HIPAA security rule provided the first national standards for protecting health information. The stated purpose of the HIPAA security rule is to protect individually identifiable information in electronic form – a subset of the information covered by the privacy rule – while providing healthcare providers with adequate access to information and flexibility in adopting technology (HHS, 2003b). This notion of balance also appears in the law: necessary access for health care providers vs. protection of individuals` health information. Everyone who works with health information – health informatics and health information management professionals, clinicians, researchers, business economists and others – has a responsibility to respect this information.