HL7 Terminology (THO)
6.1.0 - Publication International flag

This page is part of the HL7 Terminology (v6.1.0: Release) based on FHIR (HL7® FHIR® Standard) v5.0.0. This is the current published version in its permanent home (it will always be available at this URL). For a full list of available versions, see the Directory of published versions

ValueSet: SecurityCategoryObservationType

Official URL: http://terminology.hl7.org/ValueSet/v3-SecurityCategoryObservationType Version: 3.0.0
Active as of 2014-03-26 Responsible: Health Level Seven International Computable Name: SecurityCategoryObservationType
Other Identifiers: OID:2.16.840.1.113883.1.11.20459

Copyright/Legal: This material derives from the HL7 Terminology THO. THO is copyright ©1989+ Health Level Seven International and is made available under the CC0 designation. For more licensing information see: https://terminology.hl7.org/license.html

Type of security metadata observation made about the category of an IT resource (data, information object, service, or system capability), which may be used to make access control decisions. Security category metadata is defined by ISO/IEC 2382-8:1998(E/F)/ T-REC-X.812-1995 as: "A nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone."

References

This value set is not used here; it may be used elsewhere (e.g. specifications and/or implementations that use this content)

Logical Definition (CLD)

Generated Narrative: ValueSet v3-SecurityCategoryObservationType

Language: en

 

Expansion

Generated Narrative: ValueSet

Language: en

Expansion based on codesystem ActCode v9.0.0 (CodeSystem)

This value set contains 1 concepts

CodeSystemDisplayDefinition
  SECCATOBShttp://terminology.hl7.org/CodeSystem/v3-ActCodesecurity category observation

Type of security metadata observation made about the category of an IT resource (data, information object, service, or system capability), which may be used to make access control decisions. Security category metadata is defined by ISO/IEC 2382-8:1998(E/F)/ T-REC-X.812-1995 as: "A nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone."

Rationale: A security category observation supports requirement to specify the type of IT resource to facilitate application of appropriate levels of information security according to a range of levels of impact or consequences that might result from the unauthorized disclosure, modification, or use of the information or information system. A resource is assigned to a specific category of information (e.g., privacy, medical, proprietary, financial, investigative, contractor sensitive, security management) defined by an organization or in some instances, by a specific law, Executive Order, directive, policy, or regulation. [FIPS 199]

Examples: Types of security categories include:

  • Compartment: A division of data into isolated blocks with separate security controls for the purpose of reducing risk. (ISO 2382-8). A security label tag that "segments" an IT resource by indicating that access and use is restricted to members of a defined community or project. (HL7 Healthcare Classification System)
  • Sensitivity: The characteristic of an IT resource which implies its value or importance and may include its vulnerability. (ISO 7492-2) Privacy metadata for information perceived as undesirable to share. (HL7 Healthcare Classification System)

Explanation of the columns that may appear on this page:

Level A few code lists that FHIR defines are hierarchical - each code is assigned a level. In this scheme, some codes are under other codes, and imply that the code they are under also applies
System The source of the definition of the code (when the value set draws in codes defined elsewhere)
Code The code (used as the code in the resource instance)
Display The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application
Definition An explanation of the meaning of the concept
Comments Additional notes about how to use the code

History

DateActionCustodianAuthorComment
2023-11-14reviseTSMGMarc DuteauAdd standard copyright and contact to internal content; up-476
2022-10-18reviseTSMGMarc DuteauFixing missing metadata; up-349
2020-05-06reviseVocabulary WGTed KleinMigrated to the UTG maintenance environment and publishing tooling.
2014-03-26revise2014T1_2014-03-26_001283 (RIM release ID)Vocabulary (Woody Beeler) (no record of original request)Lock all vaue sets untouched since 2014-03-26 to trackingId 2014T1_2014_03_26