117 lines
4.6 KiB
YAML
117 lines
4.6 KiB
YAML
id: https://nde.nl/ontology/hc/class/DataSensitivityLevel
|
|
name: data_sensitivity_level_class
|
|
title: DataSensitivityLevel Class
|
|
description: >-
|
|
Data sensitivity classification level for records and information assets.
|
|
|
|
Used to categorize the confidentiality requirements and access restrictions
|
|
for administrative records, documents, and data systems.
|
|
|
|
Based on common information classification schemes including:
|
|
- ISO 27001 information security standards
|
|
- GDPR special category data requirements
|
|
- Dutch government classification (Rijksoverheid)
|
|
|
|
prefixes:
|
|
linkml: https://w3id.org/linkml/
|
|
hc: https://nde.nl/ontology/hc/
|
|
dcterms: http://purl.org/dc/terms/
|
|
schema: http://schema.org/
|
|
|
|
imports:
|
|
- linkml:types
|
|
- ../slots/has_or_had_label
|
|
- ../slots/has_or_had_description
|
|
- ../slots/has_or_had_code
|
|
|
|
default_prefix: hc
|
|
|
|
classes:
|
|
DataSensitivityLevel:
|
|
class_uri: hc:DataSensitivityLevel
|
|
description: >-
|
|
Data sensitivity classification level.
|
|
|
|
**Standard Classification Levels**:
|
|
|
|
| Level | Short Code | Description | Access |
|
|
|-------|------------|-------------|--------|
|
|
| Public | PUBLIC | No restrictions on disclosure | Anyone |
|
|
| Internal | INTERNAL | For internal use only | Staff only |
|
|
| Confidential | CONFIDENTIAL | Need-to-know basis | Authorized staff |
|
|
| Strictly Confidential | STRICTLY_CONFIDENTIAL | Highly restricted | Named individuals |
|
|
| Personal Data | PERSONAL_DATA | Contains PII (GDPR Article 6) | Data subjects + authorized |
|
|
| Special Category | SPECIAL_CATEGORY | Sensitive personal data (GDPR Article 9) | Strictly controlled |
|
|
|
|
**GDPR Alignment**:
|
|
- PERSONAL_DATA: Covers GDPR Article 6 personal data
|
|
- SPECIAL_CATEGORY: Covers GDPR Article 9 special categories (health, religion,
|
|
ethnicity, political opinions, trade union membership, genetic/biometric data,
|
|
sexual orientation)
|
|
|
|
**Dublin Core**: Maps to dcterms:accessRights for access classification.
|
|
exact_mappings:
|
|
- dcterms:accessRights
|
|
close_mappings:
|
|
- schema:accessMode
|
|
slots:
|
|
- has_or_had_label
|
|
- has_or_had_code
|
|
- has_or_had_description
|
|
slot_usage:
|
|
has_or_had_label:
|
|
description: Human-readable name for the sensitivity level.
|
|
range: string
|
|
required: true
|
|
examples:
|
|
- value: "Public"
|
|
description: No access restrictions
|
|
- value: "Strictly Confidential"
|
|
description: Highest restriction level
|
|
has_or_had_code:
|
|
description: >-
|
|
Short code identifier for the sensitivity level.
|
|
Standard codes: PUBLIC, INTERNAL, CONFIDENTIAL, STRICTLY_CONFIDENTIAL,
|
|
PERSONAL_DATA, SPECIAL_CATEGORY
|
|
range: string
|
|
required: true
|
|
pattern: "^[A-Z][A-Z0-9_]*$"
|
|
examples:
|
|
- value: "PUBLIC"
|
|
description: No restrictions
|
|
- value: "CONFIDENTIAL"
|
|
description: Need-to-know basis
|
|
- value: "SPECIAL_CATEGORY"
|
|
description: GDPR Article 9 sensitive data
|
|
has_or_had_description:
|
|
description: Detailed description of what this sensitivity level means and when to apply it.
|
|
range: string
|
|
required: false
|
|
examples:
|
|
- value: "Contains employee health records - requires explicit consent and strict access controls"
|
|
description: SPECIAL_CATEGORY example
|
|
annotations:
|
|
specificity_score: 0.45
|
|
specificity_rationale: >-
|
|
Data sensitivity levels are moderately specific - used primarily in
|
|
records management and information governance contexts.
|
|
custodian_types: '["A", "O", "R"]'
|
|
custodian_types_rationale: >-
|
|
Most relevant for Archives (A), Official institutions (O), and
|
|
Research centers (R) that manage sensitive records.
|
|
examples:
|
|
- value:
|
|
has_or_had_label: "Confidential"
|
|
has_or_had_code: "CONFIDENTIAL"
|
|
has_or_had_description: "Need-to-know basis - restricted to authorized personnel"
|
|
description: Standard confidential classification
|
|
- value:
|
|
has_or_had_label: "Special Category Data"
|
|
has_or_had_code: "SPECIAL_CATEGORY"
|
|
has_or_had_description: "GDPR Article 9 sensitive personal data - health records, religious affiliation"
|
|
description: GDPR special category classification
|
|
- value:
|
|
has_or_had_label: "Personnel Data"
|
|
has_or_had_code: "PERSONAL_DATA"
|
|
has_or_had_description: "Contains employee personal information subject to GDPR"
|
|
description: Personal data classification for HR records
|