The HealthVault SDK assemblies require certain Code Access Security permissions in order to work properly in an ASP.NET application. In medium trust or partial trust configurations, the code permissions granted to an ASP.NET application are determined by a Code Access Security (CAS) policy file on the Web server.
Many Web hosting providers run ASP.NET applications in a medium trust environment. Medium trust does not provide all the permissions required by the Microsoft.Health.dll and Microsoft.Health.Web.dll assemblies. You may need to negotiate with your hosting provider to get additional permissions for your application. (If you manage your own ASP.NET server but do not want to run your application with full trust, you will need to configure the CAS permissions yourself. For more information, see Chapter 9 of "Improving Web Application Security: Threats and Countermeasures", Using Code Access Security with ASP.NET).
The following permissions are always required by Microsoft.Health.Web.dll:
Certain features exposed through Microsoft.Health.Web.dll and Microsoft.Health.dll require additional permissions or security demands.
All HealthVault exceptions are serializable using the ISerializable.GetObjectData virtual method, which requires a LinkDemand for the SecurityPermissionAttribute.SerializationFormatter property.