Purpose - Regardless of who or where we are and when we get sick, we expect healthcare to make us well and to handle us and our information with care and respect. Today, most healthcare institutions work separately, making the flow of patient information sub-optimal and the use of common standards practically unheard of. The purpose of this paper is to emphasise the use of standards to improve information security in process-oriented distributed healthcare. Design/methodology/approach - The paper introduces a real-life case which is analysed to highlight how and where standards can and should be used in order to improve information security in process-oriented distributed healthcare. Findings - In total, 11 flaws or problems in information security and process-orientation are identified. From these, six changes are suggested which address how information is handled, and how organizational routines should be standardized. Research limitations/implications - The case setting is Swedish healthcare, but problems can be shared across international borders. The purpose is to highlight the issues at hand. Practical implications - If suggested changes are implemented, healthcare processes will be more streamlined and focused on patients. Routines will be standardized and uncertainties thus removed in terms of how to act in certain situations. Originality/value - Healthcare and academia has yet to address both document and process issues concerning standardization in distributed healthcare. There are also few actual cases from a patient perspective. This paper provides lessons learned from a real-life case, where results may impact how standardization is addressed in healthcare organizations.