The electronic patient record (EPR) is a major technological development within the healthcare sector. Many hospitals across Europe already use institution-based electronic patient records, which allow not only for electronic exchange of patient data within the hospital, but potentially also for sharing medical data with external healthcare providers, involved in the patient’s care, such as general practitioners or pharmacists. In this article, we discuss the attempt made by the Dutch government to introduce a nationwide electronic patient record (n-EPR). Describing and analyzing the new legislation that is currently being developed to establish the infrastructure for the n-EPR and the related legal issues, we conclude that the introduction of a n-EPR give rise to some substantial concerns. These vary from technical and quality issues such as the reliability of patient data and sufficient standardization and interoperability of the systems used, to issues in the field of data security and confidentiality. For a successful introduction of the n-EPR within the healthcare sector, a condicio sine qua non is that the related legislation provides sufficient safeguards and clarity with respect to the responsibilities and liabilities of its main users: the healthcare professionals.