The domain of security engineering has developed some agreed core concepts but it lacks comprehensive framework. This could be seen to be particularly the case for e-Healthcare information systems. Evaluation deals with how other people can be convinced that security and privacy protection measures that have been put in place will work. Anderson has defined evaluation of systems as the process of assembling evidence that a system meets, or fails to meet, a prescribed assurance target and identifies two main purposes, which are: to convince one's superiors that work has been done and completed in compliance with standards and laws and to reassure people who will rely on a product or system. Evaluation is a function of the question of whether the system will actually work, which is termed assurance (Anderson and Cardell, 2008). Thus, the lower the likelihood, the higher the assurance there can be and the higher the likelihood, the less the assurance there can be. This chapter explores the solutions and technologies currently available for evaluating security and privacy problems in e-Healthcare information systems.