As electronic patient health information systems become more fully developed and widespread, there are persistent concerns about the privacy and confidentiality of the personal health data being stored and disseminated. Standards Australia has released two Standards which provide useful guidelines for the organisational, technological and human behavior solutions required to protect privacy and confidentiality in health care organisations. The major requirements of these Standards are outlined and the implications of the Standards for health information managers are discussed.