• Print

Enabling Privacy: Data Segmentation

DS4P Initiative

Data Segmentation for Privacy Initiative

Sponsored by the Office of the Chief Privacy Officer (OCPO), the Data Segmentation for Privacy (DS4P) Initiative models the type of success possible when federal and private industry groups work together. The DS4P Initiative made important progress towards improving the ability of sensitive health information, specifically substance abuse patient records, to flow properly, so that patients get the care they need without fear of stigma.

The DS4P Initiative began in late 2011, with Phase 1 ending in the spring of 2014. The initiative produced six test cases (also called “pilots”), a number of deliverables, and a normative, technical Health Level 7 (HL7) International standard for the segmentation of sensitive health information. In particular, DS4P’s pilots showed how the 42 Code of Federal Regulations (CFR) Part 2 [PDF - 13.2 MB] Prohibition on Redisclosure Notice can be transmitted, along with substance abuse patient records, when a patient has consented to the disclosure. (Note: The Prohibition on Redisclosure Notice informs the lawful recipient of a disclosure that he/she may not redisclose it unless the patient consents in writing or the recipient is otherwise authorized by 42 CFR Part 2.)

Although Phase 1 of the initiative’s work is officially complete, data segmentation efforts continue. The Office of the National Coordinator for Health Information Technology (ONC) encourages the DS4P teams, implementers, and Standards Development Organizations (SDOs) to continue their efforts to improve on the initiative’s work.


The DS4P Initiative met its two goals, which were to:

  1. Demonstrate how standards can be used to support current privacy policies for sharing sensitive health information across organizational boundaries
  2. Develop standards which will enable sensitive electronic health information to flow more freely to authorized users while improving the ability of health information technology (health IT) systems to implement current privacy protection requirements for certain types of health care data, such as substance abuse patient records


The DS4P Initiative boasted 344 participants, who are listed on the DS4P Wiki. Of those, 110 were committed members and 103 were committed organizations.

Test Cases (Pilots)

The DS4P Initiative involved six test cases (also known as “pilots”) which are named below. For more details, visit the DS4P Test Cases page or DS4P Wiki (click on the pilots in the right-hand menu).


The DS4P Initiative produced a number of important deliverables, listed below.

HL7 DS4P Products

The DS4P Initiative inspired a new family of standards that extend the reach and footprint of the DS4P IG.

Building on the DS4P Initiative’s IG, HL7 began a DS4P project in 2013. Their project was sponsored by the HL7 Security Work Group and the Community Based Collaborative Care (CBCC) Work Group.

HL7 DS4P produced an implementation guide — “HL7 Implementation Guide: Data Segmentation for Privacy, Release 1” — which finished Normative Ballot in January 2014 and was accredited by the American National Standards Institute (ANSI) in May 2014. The Guide has three volumes:

The HL7 DS4P standard uses tagging to convey confidentiality levels and obligations. The tagging terms convey specific meaning (e.g., “Do not redisclose without consent” and “This document is restricted”).

Additional HL7 DS4P products are:

Click here to watch a demonstration of how the HL7 Healthcare Privacy and Security Classification System (HCS) Security Labels work with FHIR.

IHE Activities

Integrating the Healthcare Enterprise (IHE) created a DS4P supplement which documents an ITI US-realm implementation of Cross Enterprise Document Sharing (XDS) to align with the HL7 balloted standard. IHE’s supplement is very much a mirror of the HL7 standard.

IHE has published a change proposal called “Document Sharing Metadata Enhancement for Security/Privacy Tags [PDF - 98 KB]”. This change shows how to include security/privacy tags in document-sharing metadata (i.e., the confidentialityCode).

The change conveys handling caveats such as Refrain Policy, Obligation Policy, and Purpose of Use. It also enables consistency with the HL7 HCS standard and HL7 DS4P standard.

Consent2Share Pilot Project

The U.S. Department of Health and Human Services’ SAMHSA is using DS4P’s standards to develop Consent2Share (C2S). C2S is an open source tool for consent management and data segmentation. The tool is designed to integrate with current Electronic Health Record (EHR) and Health Information Exchange (HIE) systems. Visit the C2S Wiki for more information.



The Enabling Privacy web pages are provided for informational purposes only. They are not intended to be an exhaustive or definitive source on data segmentation, nor should the information contained herein be construed as legal advice.