Data security and privacy plays a key role in carrying out day to day and long term business operations successfully. Organizations need to protect their data in the areas of data security and privacy. Therefore data security and privacy is a significant activity for large organizations. One novel method used to achieve data security is to use fuzzy logic based data classification to determine the required data security levels based on various government and business policies. Classifying data provides organizations the facilities to categorise organisational data based on organisational policies. Organisational data needs to be evaluated. Fuzzy logic based categorisation is explored in this paper. The method employed is based on Mohammadian et al. (Int J Electron Financ 3(4):374–386, 2009). This paper considers the application of a hierarchical fuzzy logic (HFL) classification method for categorizing organisational data based on governmental and business data policies. This paper demonstrates the use of a HFL to improve data classification. HFL reduces the size of the required fuzzy knowledge base system of the HFL data classification. This paper demonstrates how a HFL system can be employed to improve data security, privacy and user access control to determine data and user access control based on data sensitivity government and organizational data security requirements and user level security measures.