Electronic medical records (EMR) is an evolution of the conventional Medical Records files. The evolution is inevitable due to information technology advancement. Electronic format brings flexibility and ease which is potential to better guarantee patients’ rights to access the contents of the files in their medical records, according to the laws in Indonesia. This study designed a new model of EMR security access which is pantients’ rights oriented and adjusted with the regulation and laws in Indonesia. The architecture of the model uses an autehentication authorization and accounting (AAA)server which also functions as EMR index server. To improve the data accessibility for pantients and physicians authorization is done using short message service in mobile technology.