As computer-based medical records systems become more common, both physicians and their patients worry about two questions: Who should have access to medical information? How can unauthorized access be prevented? If you and your staff can answer the first question clearly, you can probably find answers to the second.