Information Systems have been used for many years to analyze problems and compare options in a managed environment. The introduction of computer and information security systems into such an environment is a typical example of a situation to which an Information Systems approach can be applied. In this paper, we examine the issues peculiar to implementation of security in a healthcare environment, looking specifically at one such specially designed system, SIM-ETHICS, which takes a participational approach.