Library and Archives Canada
www.collectionscanada.gc.ca
Common menu bar links
Institutional links
Government
Previous | Table of Contents | Next
8. Details of Individual Metadata Elements
8.42 Sensitivity
Attributes
Attribute
Value
Identifying Attributes
Name
sensitivity
Label
Sensitivity
Defined by
Government of Canada Records Management Metadata Standard - sensitivity
Element URI
[To be actioned by Treasury Board of Canada, Secretariat before publication]
Definitional Attributes
Definition
The highest security classification or designation assigned within a record or file.
Purpose
To enable records or files with access sensitivities to be appropriately identified, managed and handled.
To prevent the unauthorized disclosure of sensitive information.
To prevent unauthorized access to records or files.
Rationale
"The regulatory environment, in which the organization operates, establishes broad principles on access rights, conditions or restrictions that should be incorporated into the operation of records systems…Records may contain personal, commercial or operationally sensitive information. In some cases, access to the records, or information about them, should not be permitted…. Ensuring appropriate access controls is done by assigning access status to both records and individuals." ISO International Standard 15489-1, s. 9.7
"Managing the access process involves ensuring that:
a) records are categorized according to their access status at a particular time,
b) records are only released to those who are authorized to see them,
c) encrypted records can be read as and when required and authorized,
d) records processes and transactions are only undertaken by those authorized to perform them, and
e) parts of the organization with responsibility for particular business functions specify access permissions to records relating to their area of responsibility." ISO International Standard 15489-1, s. 9.7
"Control measures such as access monitoring, user verification, authorized destruction and security should be implemented to prevent unauthorized access, destruction, alteration or removal of records." ISO International Standard 15489-1, s. 8.2.3
"Key elements of security metadata, such as basic access rights or restrictions, should be identified and applied at the point of record creation and capture in order to facilitate a record's ongoing preservation and management." ISO Technical Specification 23081-1, s. 9.2.4.1
"Access to records should only be restricted when there is a business need or when the law requires it. Security metadata should be monitored and updated to ensure the ongoing applicability of all identified restrictions…Security metadata need to be maintained and kept current throughout a record's existence." ISO Technical Specification 23081-1, s. 9.2.4.2
Value Domain
Enumerated strings of text representing security classifications.
Datatype Name
String
Constraint
Applicable at record level and file level.
Obligation
Mandatory at record level; mandatory at file level.
Relational Attributes
Encoding Scheme
Government Security Policy (GSP)
AND/OR
Institution-specific schemes
Linkages
Access Rights; Event Type; Location; Releasable To; Security Clearance
Conditions of Application - Record
Format
Text, based on encoding scheme.
Modifiable
Pre Record Declared Locked
Post Record Declared Locked
Yes
Yes, by authorized official only
Occurrence
Not repeatable
Conditions of Application - File
Format
Text, based on encoding scheme.
Modifiable
Yes, by authorized official only.
Occurrence
Not repeatable
Comments and Guidance
a) Explanation of Definition/Usage
This element is used to identify the security level of the record or file.
b) Best Practices
Institutions managing classified or protected materials are required to ensure that the materials are given the appropriate levels of protection to prevent their unauthorized disclosure and subsequent damage to national or non-national security interests.
The Government of Canada Security Policy obligates institutions to identify information and other assets when their unauthorized disclosure, with reference to specific provisions of the Access to Information Act and the Privacy Act, could reasonably be expected to cause injury to:
- The national interest. Such information is classified. It must be categorized and marked based on the degree of potential injury (injury: "CONFIDENTIAL"; serious injury: "SECRET"; exceptionally grave injury: "TOP SECRET").
- Private and other non-national interests. Such information is protected. It must be categorized and marked based on the degree of potential injury (low: "PROTECTED A"; medium: "PROTECTED B", high: "PROTECTED C").
The change of Sensitivity will have a direct impact on the element Releasable To and therefore, institutions will require business rules to ensure that these two elements remain in sync. Only an authorized official may change the value of this element for a file or for a record once it has been locked. Such changes would accommodate the security reclassification of the record or file. In some cases, this may result in the modification of the record content as well as the metadata record.
c) Obligation
This element is mandatory to ensure that sensitive records are controlled properly.
d) Default Values/Auto-populate
The default value for this element could be set to "Unclassified". The default value can be changed and set by the institution according to the security domain within which it operates. The default value should be used with caution.
e) Linkages
This element is linked to the agent elements, Security Clearance and Access Rights. It is a combination of these three concepts that determines an individual's access to records. This element is also linked to Location because sensitive information requires explicit location information. It is also linked to Releasable To because the sensitivity of the record will have an impact on who can see it.
Finally, Sensitivity is linked to the element Event Type in cases where a change to the status of the record or file must be noted in the management and event history log.
f) Examples
- "Unclassified"
- "Protected A"
- "Confidential"
- "Secret"
