Information and its handling and transmission form an essential part of health care and are reflected in professional standards. Automated information systems in health care—health informatics services—will improve these functions and bring new opportunities through the harnessing of modern information and communications technologies. Thus, computer sup port is now essential in many parts of medicine, the US Institute of Medicine has long espoused the value of computerised patient records, and many countries have developed strategies on this topic, and there are countless health related internet sites. However, as new information and communication technologies in health bring new opportunities, they also bring new risks. Emphasis has rightly been placed on ensuring appropriate levels of confidentiality in electronic information systems—to the point that the highly exacting requirements being demanded by independent commentators and professional bodies are difficult to satisfy without jeopardising the functioning of core services or the interests of the most vulnerable groups. In contrast, much less thought has been given so far to ensuring the appropriateness of the design and integrity of functioning of health informatics services.