The city of Surabaya has implemented the e-health program since 2014. Protection of patient data is the most important aspect in evaluating e-health health programs. The research objective is to analyze the evaluation of patient personal data protection in e-health programs. The research method uses descriptive qualitative with a case study research strategy. Data collection techniques used a mixed-method approach. The research results show that the protection of patient data in the implementation of the E-Health Program in the city of Surabaya is reviewed from indicators (1). Guarantee of Patient Data Confidentiality service recipient version; (2). E-Health Application Security; (3). Efforts to Convince Users in Using E-Health; (4). E-Health Service Application Security from Irresponsible Parties; (5). Patient Personal Data Guarantee program implementation version.