Electronic Health Record Access Control Electronic Health Record Document Request 6 External Authority Authorization Decisions Document Type Purpose of Use Obligations Security Label System (SLS) Document Orchestration Label Rules Generation 1 3 Security Risk Assessment / Policy Decomposed Clinical Document (CLINICAL FACTS) Mapped Clinical Facts Labeling Rules Raw CDA Document Authorization Obligations 4 2 Rules Rules Engine Transform Template(s) SNOMED-CT RxNORM ICD LOINC HL7 Vocabularies Patient Restrictions Jurisdictional Policy Organizational Policy HL7 Security and Privacy Vocabulary Transform Actions Redact, Annotate, Mask(Encrypt) Clinical Administration Security/Privacy Administration Annotated (classified) Document Document Packaging (Encrypt) -OR- Clinical Facts are mapped to EHR as information attributes, i.e., HIV Label Rules are created based on Risk Assessment Clinical Facts are extracted from source document SLS applies labeling rules and document transforms Send information for labeling/Deliver classified document Authorization Decision made based on Security Label 5 Annotated Composite Documents