The bill (Bill 2007/08:126. page 208) states that from the perspective of integrity, it is essential that the individual registered receives detailed information on personal data processing. This information is important for creating confidence in the data processing and to ensure that the individual is able to exercise their rights relating to personal data processing. How the information is to be designed and handed over to the individual is the responsibility of the local Personal Data Controller. Secure routines are in the interests of the Personal Data Controller as they are considered to have the burden of proof to show that the information is actually handed over or given to the patient (see Bill 2007/08:126. page 249). The individual's capacity to assimilate the information must be taken into consideration. It is also important that the information clearly states who is the Central Personal Data Controller, CPDC. This is the responsibility of CPDC centrally. 

PDL, Chapter 8 Section 6 includes all the information as to what must be included in the information to the patient while Chapter 7 Section 3 stipulates what is important with regard to a quality register, such as

• the individual's right to at any time have information on them erased from the register, even if the individual  has previously given their consent to the data being processed.
• The individual must be informed if data are taken from a source other than the individual him/herself or his or her medical records, for example if information is obtained after combining with other registers.
• The individual must be informed if his/her personal data could be handed over to third parties, and what or whom these third parties are.

The responsibility for information to the patient is divided between the PDC and the CPDC.