Introduction:Electronic health records (EHRs) is used now in all over the world, it is more in the developed countries but also it is used in the developing countries. The paper records are not fully replaced by the electronic records but the plan is to replace it as much as possible.We want to make it electronic based health records because they improve the quality of care, it reduces the cost, enhances the patient mobility, more accessible and faster.1 Definitions: Privacy: Freedom from intrusion into the private life or affairs of an individual when that intrusion results from undue or illegal gathering and use of data about that individual. In the context of the Saudi HIE, it refers to an individual’s interest in limiting who has access to personal healthcare information. 2 Confidentiality: Property that information is not made available or disclosed to unauthorized individuals, entities, or processes.2 Health Information Systems: The differences in past and in the present: In the past, the health medical record was completely paper based and placed in large rooms within the hospitals and the data are not fully secured because it depends on honesty and integrity of the person who are responsible for this room.It was limited in terms of availability, accessibility also it was not fast enough, so in emergency cases it was a serious problem. Today, the electronic health records are used. The cost are remarkably decreased, better security, more accessible and available almost in all times.3 Privacy and Confidentiality:The information of the patient should not be disclosed to anyone unless the patient gives the permission, second opinion for making a diagnosis or decision related to the patient disease or needed by the law. 3 The main thing for keeping the confidentiality is to make sure that only authorized people have access to the patient’s records. Choosing a strong password is an important thing to avoid hacking and other problems.4 A recent survey found that 73% of the physicians are texting other physicians about their work 5, so we don’t know if this exchange of information is secured or not, if the mobile is encrypted of secured because as we know the mobiles are designed for personal use, so the security is not that good for keeping such information.6 Hospitals that are using EHR and institutions must have a security team who are trained and can protect the system’s users, and information. Also, they can identify the security weaknesses and threats and try to eliminate them. 3 Integrity and Availability:?Integrity: Integrity assures that the data is accurate and has not been changed. The data are exchanged and transformed from hospital to hospital, from one system to another and this data can be manipulated either intentionally or not, so the integrity is an important thing in EHRs. 3 Availability: If the system having a problem, for example if it’s hacked or overloaded, the information in the system may become unusable. To make sure of the availability, electronic health record systems often have redundant components, known as “fault-tolerance systems”, so if one component fails or is having problems the system will switch to a backup component. 3 Conclusion:The electronic health records system improved our health systems and outcomes, but there are some key points to guarantee the success of EHRs system such as providing strong security and confidentiality, also the integrity is a crucial thing.