Table 2.

Categorization of asset values [19, 44, 49–52]

Security objective	Potential impact	Description
Confidentiality	High	Should be available internally to authorized persons only; unauthorized exposure can result in harm to individual privacy and/or fatal damage to telemedicine system
	Moderate	Can be disclosed internally but in case of external exposure may cause significant problems with respect to individual privacy and/or telemedicine system
	Low	If exposed to external persons, will have negligible effect on individual privacy and telemedicine system
Integrity	High	Accidental or intentional changes may result in extreme harm to individual privacy or telemedicine system
	Moderate	Accidental or intentional changes may cause significant damage to individual privacy or telemedicine system
	Low	Accidental or intentional changes will have negligible effect on individual privacy or telemedicine system
Availability	High	Service interruption may cause fatal damage to operation of telemedicine system
	Moderate	Service interruption may result in significant damage to telemedicine system
	Low	Service interruption will cause negligible damage to telemedicine system
Asset Contribution	High	Asset is essential to telemedicine system services
	Moderate	Asset is partially necessary for telemedicine system services
	Low	Asset plays a supporting role in telemedicine system services