This paper describes the experience of a hospital which has introduced a system of computerized management of letters of authorization for healthcare workers to access sensitive health data, through the use of open source software. A new corporate intranet portal was created with access given only to the privacy contacts of each operational unit of the hospital. Once the privacy contact has entered the relevant user authorization, these must be approved first by the Directors of the respective operational units and finally by the privacy officer. The introduction of this system has allowed a systematic approach to the management of authorization for access to health data by hospital staff, regular updating and monitoring of the authorization and the start of a process of digitalization of documents.