3:30-5:00

• Welcome and Introductions
• Agenda Review

1. Is Privacy Obsolete PPT - (Kathleen for Mike Davis)
2. Joint Project report out
3. US and International Report out
4. Joint Project review

• Security and Privacy advancements since last WGM, informal/around the room

NEW discussion items; NEW projects; NEW PSS, etc. - note: 10 min timestamp

• (tentative) Security and Privacy > GPDR

GDPR, Patient Engagement and CBCP(discussion)

GDPR discussion: We should define:

• how to request for transfer of data
• how to request erasure
• how to respond with a confirmation or rejection of either request .....
  • we should have a GPDR implementation guide
• Most of the exceptions to erasure apply in healthcare, and there'll rarely be any actual erasure:
  • Organisations can refuse to comply with a request for erasure if:
    • The processing is protected by the right to freedom of expression;
    • Processing the data is necessary to comply with a legal obligation for the performance of a public interest task or exercise of official authority;
    • The data is for health purposes in the public interest;
    • The data is being used for archiving purposes in the public interest, scientific or historical research, or statistical purposes; or
    • The processing is necessary to exercise or defend legal claims.

Proposed Topics: HL7 Project status and updates:

1. ONC Research Patient Choice (confirm w/Johnathan)
2. Security and Privacy Outreach for member recruitment (discussion)

• ONC Patient Choice Pilot(s) - (confirm with Johnathan)
• Security, CBCP topics discussion if time avaialble

See EHR Agenda for topics Electronic Health Records Hosting

• Planning, Co-chair administrative
  • next WGM agenda prep, requests for next WGM

• No meeting

• Review of Behavioral Health Dam - Ioana or Neelima? (tentative)

• FHIR GDPR and Patient Engagement - David Pyke

• CBCP to Security meeting (Security hosting)