1. Field
Example embodiments relate to a method, a computer-readable medium and an apparatus that may apply security labels to sensitive data based on authorization of a subject of record, organizational policies, and jurisdictional policies.
2. Description of the Related Art
Dissemination of sensitive data requires controlled, conditional access according to different levels or types of authorization. Examples of sensitive data include medical records, classified documents (e.g. DOD top secret), and the like. Access of such records may need to be limited according to both the sensitive nature of particular records as well as the purpose for requesting the records. For example, if a medical record contains data relating, e.g. HIV or psychiatric treatment, current Federal laws prohibit unrestricted distribution of such records, allowing access only in specific circumstances.
Enforcement of data handling requirements can become a problem upon records being transferred from an original custodian source. Once records are transferred, proper enforcement of data handling agreements or obligations may or may not occur. For example, medical records could be exchanged between service provider organizations. Once the records are transferred, it becomes difficult to police the handling of the data.
Solutions have been proposed based on maintaining separate databases for different versions of data, each with different levels of access privileges. One such example involves compiling the databases and subsequently providing access to the appropriate version of the data according to access rights. However, this method poses a new problem whenever access rights change. For example, if jurisdictional laws or regulations change to require different access rights to sensitive data, the entire database would need to be recompiled each time this occurs. This problem renders this particular method expensive, and potentially introduces down time when the databases are being recompiled.
Accordingly, there is a need for a solution that avoids maintaining separate databases and recompiling databases upon changes in access rights.