{
  "package" : "hl7.terminology.r4@6.3.0",
  "definition" : "Type of security metadata observation made about the control of an IT resource (data, information object, service, or system capability), which may be used to make access control decisions. Security control metadata convey instructions to users and receivers for secure distribution, transmission, and storage; dictate obligations or mandated actions; specify any action prohibited by refrain policy such as dissemination controls; and stipulate the permissible purpose of use of an IT resource.\\r\\n\\r\\n*Rationale:* A security control observation supports requirement to specify applicable management, operational, and technical controls (i.e., safeguards or countermeasures) prescribed for an information system to protect the confidentiality, integrity, and availability of the system and its information. \\\\[FIPS 199\\\\]\\r\\n\\r\\n**Examples:** Types of security control metadata include:\\r\\n\\r\\n *  handling caveats\\r\\n *  dissemination controls\\r\\n *  obligations\\r\\n *  refrain policies\\r\\n *  purpose of use constraints",
  "system" : "http://terminology.hl7.org/CodeSystem/v3-ActCode",
  "property" : [ {
    "_uri" : "http://hl7.org/fhir/concept-properties#status",
    "code" : "status",
    "valueCode" : "active"
  }, {
    "_uri" : "http://terminology.hl7.org/CodeSystem/utg-concept-properties#v3-internal-id",
    "code" : "internalId",
    "valueCode" : "23474"
  }, {
    "_uri" : "http://hl7.org/fhir/concept-properties#parent",
    "code" : "subsumedBy",
    "valueCode" : "SECOBS"
  } ],
  "codesystem" : "cbab4a87-49ca-5502-88d6-f33b5f07237f",
  "concept_id" : "9cfe271f-b915-544f-98cf-64ee0b52223f",
  "ancestors" : {
    "SECOBS" : 1,
    "SECCONOBS" : 0
  },
  "id" : "3600bc23-1e9a-4f13-b1c0-e728f151a325",
  "code" : "SECCONOBS",
  "display" : "security control observation",
  "version" : "9.0.0"
}