Medical records, once archived on paper and stored in filing cabinets, are now housed in electronic data repositories. While converting medical information into electronic format yields enormous benefits, it also raises new privacy and security concerns. The fact that medical information is now accessed, stored, processed, and transmitted through multiple organizations has led to the need for medical informatics security. In this paper, we examine the evolution of electronic medical records, review relevant legislation, and examine issues of privacy and security as it relates to medical information.