Inferensys

Glossary

FHIR Security Labels

Metadata tags applied to FHIR resources to indicate their sensitivity, confidentiality, and handling instructions, enabling access control decisions based on patient consent and regulatory requirements.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
Access Control Metadata

What is FHIR Security Labels?

A standardized mechanism for tagging FHIR resources with metadata that dictates their sensitivity, confidentiality, and handling instructions to enforce patient consent and regulatory compliance.

FHIR Security Labels are metadata tags applied to a Resource.meta.security element to convey the sensitivity and confidentiality of clinical data. They enable attribute-based access control (ABAC) by classifying resources according to a standardized vocabulary, allowing systems to make automated disclosure decisions based on a patient's consent directives and the requesting user's clearance.

The standard leverages the HL7 Security and Privacy Domain Analysis Model, using codes from vocabularies like ConfidentialityClassification (e.g., N for normal, R for restricted) and SensitivityClassification (e.g., ETH for substance abuse). This tagging architecture is fundamental to building interoperable, privacy-preserving federated learning pipelines where data access must be enforced at the resource level.

ANATOMY OF A FHIR SECURITY TAG

Core Components of a Security Label

A FHIR Security Label is a structured metadata tag applied to a resource to govern its access, use, and disclosure. It decomposes into distinct, interoperable components that collectively define the sensitivity, confidentiality, handling caveats, and provenance of clinical data.

01

Confidentiality Classification

The foundational axis of a security label, indicating the level of sensitivity of the resource. It defines the potential harm from unauthorized disclosure.

  • U (Unrestricted): Publicly available data.
  • L (Low): Data with minimal sensitivity.
  • M (Moderate): Standard protected health information (PHI).
  • N (Normal): Clinically sensitive data requiring standard access controls.
  • R (Restricted): Highly sensitive data like mental health or HIV records.
  • V (Very Restricted): Extremely sensitive data requiring explicit consent for each access.
6
Standard HL7 Levels
02

Sensitivity Category

A coded value that specifies the type of sensitive content within the resource, triggering specific policy rules beyond basic confidentiality. This is often the primary driver for access denial.

  • ETH (Substance Abuse): Governed by 42 CFR Part 2.
  • PSY (Psychiatry): Psychotherapy notes.
  • HIV (HIV/AIDS): Status and related treatment.
  • SEX (Sexuality): Sexual and reproductive health.
  • DOM (Domestic Violence): Victim status information.
10+
Common Sensitivity Codes
03

Handling Caveat

An instruction that dictates a mandatory obligation or restriction on the receiver of the data. It defines what a user must do, not just what the data is.

  • PurposeOfUse: Restricts use to a specific reason, e.g., TREAT (treatment) only.
  • Obligation: Mandates an action, such as AUDIT (log access) or CRYPT (encrypt at rest).
  • RefrainPolicy: Prohibits an action, such as NOINTEGRATE (do not link with other records).
  • Compartment: Isolates data into a specific access zone, e.g., COMPT for VIP patients.
3
Core Caveat Types
04

Security Label Binding

The mechanism by which a label is cryptographically linked to a FHIR resource to ensure integrity and prevent tampering. A label is useless if it can be stripped or altered.

  • Digital Signatures: Uses Provenance.signature to sign the resource and its label.
  • DocumentReference: Embeds the label within a static, signed clinical document.
  • Meta.security: The standard element on every FHIR resource where the Coding for the label is placed directly.
Meta.security
Primary Binding Element
05

Policy Provenance

The audit trail that records who applied the label, when, and under what authority. This is critical for compliance and dispute resolution.

  • Provenance Resource: Tracks the agent (e.g., a consent directive engine) that generated the label.
  • Policy URI: A reference to the computable policy (e.g., a XACML or ODRL document) that mandated the label.
  • Timestamp: The exact instant the label was affixed, enabling chronological conflict resolution.
FHIR Provenance
Tracking Resource
06

Dissemination Controls

A subset of handling caveats that specifically govern redistribution and re-disclosure of the information outside the originating system.

  • NORDSCLCD (No Redisclosure Without Consent): Prohibits sharing with a third party without explicit patient authorization.
  • NORDSCPRV (No Redisclosure to Provider): Blocks sharing with other treating providers.
  • NORDSCPAY (No Redisclosure to Payer): Prevents the data from being sent to an insurance company.
NORDSC
Redistribution Prefix
FHIR SECURITY LABELS

Frequently Asked Questions

Clear answers to the most common questions about implementing and interpreting FHIR security labels for patient consent and regulatory compliance.

A FHIR Security Label is a metadata tag applied to a Resource using the Resource.meta.security element to indicate its sensitivity, confidentiality classification, and handling caveats. It functions as a machine-readable instruction set that downstream access control engines consume to enforce policy-based decisions. The label does not itself restrict access; rather, it communicates the resource's security posture so that an authorization server can compare the label against a user's clearance and the patient's Consent Resource directives. The mechanism relies on the FHIR Security Labeling Infrastructure, which binds a Coding from a defined security label value set—such as http://terminology.hl7.org/CodeSystem/v3-Confidentiality—to a specific resource instance, enabling granular, attribute-based access control (ABAC) in federated healthcare networks.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.