Authorization: You can only see and do the things that you are allow to, based upon your role in the given organization. Authorization can be user based, role based, or context based. Authorization designed well will not prevent providers from their patient care activities.