The Internet and the web make it possible for content providers to share large amounts of information with their clients, partners, or other users. For example, healthcare providers share information with their clients about the services offered by the healthcare provider, generic information about various diseases, scheduling information for patient appointments, etc. Typically, such healthcare information is stored in a single datastore or a collection of datastores hosted on servers. Users can access such information using various applications, web browsers, etc. For example, a user can log on to a website provided by the healthcare provider to view such information. However, when a user is accessing a document or content that includes information with various levels of access privileges, it is necessary to determine that the user is provided only that content for which the user has access privilege. For example, when a patient is accessing the healthcare information from a healthcare provider, only the patient's appointment and the reasons for that appointment, or the references to the patient's appointment, should be shown to the patient. Given the large amount of information that is provided to end users, such as the patients of a healthcare information provider, and the large number of sources where such information and its privileges are stored, it is challenging to ensure that the users are disclosed only the privileged information.