‘Security holds the key’ was the title of a newspaper article concerned with e-commerce (D. Sumner-Smith, The Sunday Times, 6 February, 2000, p. 3.13). However, it applies just as readily to the health sector. The need to safeguard the confidentiality of information that patients share with clinicians is as fundamental as the principle of consent. This issue has come to the fore in the context of the rapid developments and applications of information and communication technologies within society in general and within the health sector in particular. There are also changing societal expectations regarding access to information, confidentiality and disclosure. The emerging scenarios present significant challenges in relation to the traditional methods used to deal with the privacy and confidentiality of personal information (Anderson, 1995). In addition to the impact of new technologies, consideration also needs to be given to the impact of changes in health care organisation and practice, for example multidisciplinary and multi-agency working. Mental health services are in many respects at the vanguard of these changes, where the ideals of community care, shared care and seamless care depend fundamentally on good communication and information sharing. Failures in communicating information, particularly across sectoral boundaries, have led to significant problems in patient care, as revealed in several recent enquiries into homicides (Northamptonshire Health Authority & Northamptonshire Social Services, 1999)