This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "October 30, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(11 intermediate revisions by 3 users not shown)
Line 44: Line 44:
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=October_23,_2018_Security_Conference_Call Review and Approval of Minutes October 23, 2018]
 
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=October_23,_2018_Security_Conference_Call Review and Approval of Minutes October 23, 2018]
#''(15 min)'' '''[https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20181023_sgw.xlsm Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call]''' Final vote on the last of the dispositions is scheduled for 10/30.
+
#''(15 min)'' '''[https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20181030.xlsm Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call]''' Final vote on the last of the dispositions is scheduled for 10/30.
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services Update on revision of PASS Audit]''' - Mike/Chris
+
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services Update on revision of PASS Audit]''' - Mike
 
#''(2 min)'' '''[http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1004 TF4FA Trust Framework, Volume 3 NIB Submission]''' - Mike  
 
#''(2 min)'' '''[http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1004 TF4FA Trust Framework, Volume 3 NIB Submission]''' - Mike  
#''(2 min)'' '''3 Reaffirmation NIBs [http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1016 HCS], [http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1017 SLS], [http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1015 SPO] and 3 Harmonization Proposals submitted this weekend''' - Kathleen
+
#''(5 min)'' '''[http://www.hl7.org/special/Committees/projman/searchableProjectIndex.cfm?action=edit&ProjectNumber=1440DS4 DS4P Project page] and [https://gforge.hl7.org/gf/project/security/docman/HL7%20DS4P%20Ballot/DS4P%20Reaffirm.pdf DS4P  Reaffirmation NIB]''' - Security WG as cosponsor needs to vote to approve. 
#''(15 min)'' '''[https://gforge.hl7.org/gf/project/security/docman/Harmonization/Nov%202018%20Harmonization/CUI%20Security%20Label%20Harmonization%20Proposal CUI Security Label Harmonization Proposal - More than you ever want to know]- Kathleen
+
#''(5 min)'' '''3 Reaffirmation NIBs [http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1016 HCS], [http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1017 SLS], [http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1015 SPO] submitted this weekend''' - Kathleen
 +
#''(15 min)'' '''[https://gforge.hl7.org/gf/project/security/docman/Harmonization/Nov%202018%20Harmonization/CUI%20Security%20Label%20Harmonization%20Proposal.pptx CUI Security Label Harmonization Proposal - More than you ever want to know]- Kathleen
 
#''(10 min)'' '''FHIR Security Update on [https://gforge.hl7.org/gf/project/security/docman/FHIR%20Security/JSON%20Security%20Labels/XSAP%202%20JSON%20FHIR%20Security.docx XSAP 2.0 JSON FHIR Security Labels]''' and other happenings - John
 
#''(10 min)'' '''FHIR Security Update on [https://gforge.hl7.org/gf/project/security/docman/FHIR%20Security/JSON%20Security%20Labels/XSAP%202%20JSON%20FHIR%20Security.docx XSAP 2.0 JSON FHIR Security Labels]''' and other happenings - John
 
#* FHIR-Security call will be alternating between core FHIR Security topics, and work on FHIR Connectathon - Care Plan scenario  
 
#* FHIR-Security call will be alternating between core FHIR Security topics, and work on FHIR Connectathon - Care Plan scenario  
 
#''(5 min)'' '''GDPR whitepaper on FHIR''' Update - Alex
 
#''(5 min)'' '''GDPR whitepaper on FHIR''' Update - Alex
  
[[Security|Back to Security Main Page]]
 
  
 
==Meeting Materials==
 
==Meeting Materials==
Line 73: Line 73:
  
 
==Meeting Minutes DRAFT==
 
==Meeting Minutes DRAFT==
Chair, TBD
+
Chair, Chris Shawn
 +
 
 +
Approval of Meeting Minutes (Kathleen/Suzanne)
 +
* Abstain: none; Oppose: none; Approve: 8 (Suzanne to confirm)
 +
 
 +
 
 +
'''Review of TF4FA Ballot '''
 +
* [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20181030.xlsm Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call]
 +
Block Vote Approval of (above listed): (Kathleen/Suzanne)
 +
Above, Including Comment Resolutions #26, #66, #105
 +
 
 +
Objections: none; Abstentions: none; Approval: 8 (Suzanne to confirm)
 +
Point of Question - When do we ask for voter retraction of the ballot negative; do we have to complete the updated document
 +
* upload the reconciliation spreadsheet (under co-chair abilities on HL7.org page)
 +
* Suzanne or Kathleen will upload ballot reconciliation sheet and notify negative voters requesting withdrawal of negative vote
 +
 
 +
 
 +
'''PASS Audit'''
 +
Ballot reconciliation completed, have been placing comments into the document.  We will need to provide the Security WG chairs with the spreadsheet for negative voters to withdraw their vote
 +
 
 +
 
 +
'''DS4P'''
 +
* NIB submitted; move the discussion forward so that Johnathan can speak to DS4P reaffirmation
 +
* Normative standard going through reaffirmation (potentially)
 +
** HL7 has tightened its timelines ; within CBCP we have voted affirmative to move forward with this standards--because we did not meet following WGM; we appealed to the TSC which was approved
 +
** along with that the PSS and additional administrative is going through Clinical SD for approval 10-day eVote period
 +
** NIB submitted today
 +
on behalf of CBCP WG, Security as the co-sponsor of WG is that we vote for the affirmation today (just in case) vote is needed
 +
 
 +
MOTION to vote on reaffirmation on DS4P (Johnathan / Suzanne)
 +
*VOTE: objections: none; Abstentions: none; Approval:
 +
 
 +
 
 +
NIB submitted for HL7 TF4FA;
 +
* Voted to agree to change TF4FA to '' '''Trust Framework for Security and Privacy'' ''' - may change name after ballot (Volume 3 with Provenance in the name  (changing the names of the other documents when a PSS is updated)
 +
 
 +
NIBs submitted for HCS, SLS, SPO also submitted this weekend;  for January 2018 ballot cycle
 +
 
 +
 
 +
Review of CUI Security Label Harmonization Proposal <<link to PPT>>
 +
* missed on the privacy CUI portions for the proposal
 +
* Discussion and updates made to the PPT
 +
** also missing dissemination CUI?
 +
 
 +
 
 +
Meeting adjourned 1:04 Arizona Time --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 16:05, 30 October 2018 (EDT)
 +
[[Security|Back to Security Main Page]]

Latest revision as of 19:58, 6 November 2018

Back to Security Main Page

Attendees

Back to Security Main Page

x Member Name x Member Name x Member Name x Member Name
x John Moehrke Security Co-chair x Kathleen Connor Security Co-chair x Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis . David Staggs
x Diana Proud-Madruga . Johnathan Coleman . Francisco Jauregui . Joe Lamy
. Theresa Ardal Connor . Greg Linden . Grahame Grieve . Dave Silver
. Beth Pumo x Jim Kretz . Peter Bachman . Bo Dagnall

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (2 min) Review and Approval of Minutes October 23, 2018
  3. (15 min) Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call Final vote on the last of the dispositions is scheduled for 10/30.
  4. (2 min) Update on revision of PASS Audit - Mike
  5. (2 min) TF4FA Trust Framework, Volume 3 NIB Submission - Mike
  6. (5 min) DS4P Project page and DS4P Reaffirmation NIB - Security WG as cosponsor needs to vote to approve.
  7. (5 min) 3 Reaffirmation NIBs HCS, SLS, SPO submitted this weekend - Kathleen
  8. (15 min) CUI Security Label Harmonization Proposal - More than you ever want to know- Kathleen
  9. (10 min) FHIR Security Update on XSAP 2.0 JSON FHIR Security Labels and other happenings - John
    • FHIR-Security call will be alternating between core FHIR Security topics, and work on FHIR Connectathon - Care Plan scenario
  10. (5 min) GDPR whitepaper on FHIR Update - Alex


Meeting Materials

Introduction to Marking CUI (updated August 6, 2018) Introduction to Marking CUI (updated August 6, 2018) This video provides an overview of how to mark documents, emails, presentations, systems, and other files that contain CUI. It specifically addresses the designation indicator and the CUI banner marking, including the CUI control marking, CUI category markings, and Limited Dissemination Control Markings. It also discusses portion marking, the use of cover sheets, marking multi-page documents, and decontrolling CUI. NIST CUI Security Requirements Workshop 10/18/18 Everything you ever wanted to know about CUI

Meeting Minutes DRAFT

Chair, Chris Shawn

Approval of Meeting Minutes (Kathleen/Suzanne)

  • Abstain: none; Oppose: none; Approve: 8 (Suzanne to confirm)


Review of TF4FA Ballot

Block Vote Approval of (above listed): (Kathleen/Suzanne) Above, Including Comment Resolutions #26, #66, #105

Objections: none; Abstentions: none; Approval: 8 (Suzanne to confirm) Point of Question - When do we ask for voter retraction of the ballot negative; do we have to complete the updated document

  • upload the reconciliation spreadsheet (under co-chair abilities on HL7.org page)
  • Suzanne or Kathleen will upload ballot reconciliation sheet and notify negative voters requesting withdrawal of negative vote


PASS Audit Ballot reconciliation completed, have been placing comments into the document. We will need to provide the Security WG chairs with the spreadsheet for negative voters to withdraw their vote


DS4P

  • NIB submitted; move the discussion forward so that Johnathan can speak to DS4P reaffirmation
  • Normative standard going through reaffirmation (potentially)
    • HL7 has tightened its timelines ; within CBCP we have voted affirmative to move forward with this standards--because we did not meet following WGM; we appealed to the TSC which was approved
    • along with that the PSS and additional administrative is going through Clinical SD for approval 10-day eVote period
    • NIB submitted today

on behalf of CBCP WG, Security as the co-sponsor of WG is that we vote for the affirmation today (just in case) vote is needed

MOTION to vote on reaffirmation on DS4P (Johnathan / Suzanne)

  • VOTE: objections: none; Abstentions: none; Approval:


NIB submitted for HL7 TF4FA;

  • Voted to agree to change TF4FA to Trust Framework for Security and Privacy - may change name after ballot (Volume 3 with Provenance in the name (changing the names of the other documents when a PSS is updated)

NIBs submitted for HCS, SLS, SPO also submitted this weekend; for January 2018 ballot cycle


Review of CUI Security Label Harmonization Proposal <<link to PPT>>

  • missed on the privacy CUI portions for the proposal
  • Discussion and updates made to the PPT
    • also missing dissemination CUI?


Meeting adjourned 1:04 Arizona Time --Suzannegw (talk) 16:05, 30 October 2018 (EDT) Back to Security Main Page