Oracle Label Security helps organizations address security and compliance requirements using sensitivity labels such as confidential and sensitive. Sensitivity labels can be assigned to users in the form of label authorizations and associated with operations and objects inside the database using data labels. Label authorizations provide tremendous flexibility in making access control decisions and enforcing separation of duty. Oracle Label Security can be used to address numerous operational issues related to security, compliance and privacy. Used with Oracle Database Vault, Oracle Label Security label authorizations are factors that control access to applications, databases and data. Label authorizations can be used in conjunction with virtual private database to mask out PII data. Secure application role policies can use label authorizations to control access to powerful privileges. Sensitivity labels can also be used for informational purposes, informing an application user the database contains privacy related data and the data should be handled with care.