Information technology innovation and common interest in well-being life have expedited the progess of medical informatics. On the other hand, the concern about information leakage has grown serious as well. The medical information is the most sensitive information and must be protected extremely strong ; however, it is of a public character to promote welfare and common partly. For stakeholders to cut costs, improve services, and become more responsive to their users, it is very important to design system considering the user’s standpoint. If individuals are concerned about information privacy infringement, it would be the biggest obstacle to today’s healthcare project. This study’s goal is the information security management model development in healthcare domain, which is suitable to the u-healthcare environment. It it especially focused on the HL7 Role-Based Access Control (RBAC) Role Engineering Process for medical information standardization.