Within a hospital, the moving of medical information systems from retrospective data-gathering methods to prospective clinical information systems raises the question of the confidentiality of patient data. A method of improving the traditional matrix model usually used to achieve access controls is described. The event-driven model refers to the way a security system ensures that a given user has a valid "need-to" relationship to a given patient. Events are defined as the occurrence of specific data that trigger the creation or the updating of the relationship between the identity of a user and the identity of a patient (e.g., admission, discharge, transfer, prescription, and report). The creation and the deletion of the relationships between users and patients are based on numerous repositories and working lists of patients. This implementation requires an organization of the hospital activities which is able to manage, in a real-time manner, those repositories as closely as possible to the steps occurring during the patient's care process. Although this approach seems to reasonably fit the dynamic of the care process, it adds significant organizational constraints.