description: Privacy metadata indicating the sender's sensitivity classification, which is based on an analysis of applicable privacy policies and the risk of harm that could result from unauthorized disclosure. The confidentiality code assigned by a sender based on the information's sensitivity classification, which may convey a receiver's obligation to ensure that the information is not made available or redisclosed to unauthorized individuals, entities, or processes (security principals) per applicable policies..
Map: Definition aligns with ISO 7498-2:1989 - Confidentiality is the property that information is not made available or disclosed to unauthorized individuals, entities, or processes.
Usage Notes: Confidentiality codes are used as metadata indicating the receiver responsibilities to ensure that the information is not made available or redisclosed to unauthorized individuals, entities, or processes (security principals) per applicable policies.