C3858447_HL7V3.0

Type of security metadata observation made about the classification of an IT resource (data, information object, service, or system capability), which may be used to make access control decisions. Security classification is defined by ISO/IEC 2382-8:1998(E/F)/ T-REC-X.812-1995 as: \'The determination of which specific degree of protection against access the data or information requires, together with a designation of that degree of protection.\' Security classification metadata is based on an analysis of applicable policies and the risk of harm to an individual that could result from unauthorized disclosure.

Note that an Act or Role may be associated with an Observation coded as SecurityClassificationObservationType with a SecurityClassificationObservationValue coded with a confidentiality code from V:Confidentiality Code to indicate that the confidentiality level indicated by an Act or Role confidentiality attribute has been overridden by the entity responsible for assigning the SecurityClassificationObservationValue. This supports the business requirement for increasing or decreasing the level of confidentiality (classification or declassification) based on parameters beyond the original assignment of an Act or Role confidentiality.

Type of security metadata observation made about the classification of an IT resource (data, information object, service, or system capability), which may be used to make access control decisions.

Security classification is defined by ISO/IEC 2382-8:1998(E/F)/ T-REC-X.812-1995 as: \'The determination of which specific degree of protection against access the data or information requires, together with a designation of that degree of protection.\' Security classification metadata is based on an analysis of applicable policies and the risk of financial, reputational, or other harm that could result from unauthorized disclosure.