This wiki has undergone a migration to Confluence found Here
April 11, 2017 Security Conference Call
Jump to navigation
Jump to search
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
. | Mike Davis | . | Suzanne Gonzales-Webb | x | David Staggs | . | Mohammed Jafari | |||
. | Glen Marshall, SRS | x | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
. | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | . | Galen Mulrooney | |||
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | x | Dave Silver | |||
. | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
. | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
. | Oliver Lawless | . | Ken Rubin | . | David Tao | . | Nathan Botts |
Agenda
- (2 min) Roll Call, Agenda Approval
- (4 min) Review and Approval of Security WG Call Minutes April 4, 2017
- (30 min) [1] Update on Madrid Agenda - Kathleen and John to update on:
- Bernd presentation: when and what topics - Currently scheduled for CBCC Joint Monday Q3/4 - only 20 minutes scheduled - likely need an additional Security WG quarter for in-depth discussion.
- mHealth - neither David or Nathan will be in Madrid
- Aegis FHIR Security Conformance during EHR Joint - EHR Cochair outreach for confirmation underway.
- Josh Mandel for Smart on FHIR session.
- (5 min) FHIR Security Call - Please review front matter - John Moehrke
Minutes
Chaired by John
- Agenda Approved
- April 4th Security WG Call Meeting Minutes Reviewed, Chair updated to Alexander Mense, Approved
- Update on Madrid Agenda [2] Kathleen and John
- Wed Q3
- Mobile Health team will not be in attendance
- Josh could be available
- EHR WG’s discussion will be specific to their performance testing, not Security’s.
- Aegis requested test case
- Discussions with Mario, Gary and FHIR-I re specific performance tests for Privacy, Security, Provenance, Security Labels and possibly Digital Ledger Technology
- Kathleen: OAuth for Patient Right of Access
- Josh: SMART on FHIR and Sync for Science have API’s
- VA: FHIR Audit Consent has been tested
- VA: FHIR Consent Resource and FHIR Consent Profile
- VA: Tested Provenance and Audit at HIMSS
- Kathleen had mtg with Standards Governance Board; very interested in Privacy and Security by Design
- CBCC created Standards Privacy Assessment
- Cookbook
- John: EHR, CBCC, FHIR, SOA and Security re test scenarios:
- What are the test scenarios and within each one of them, what are the various actors and steps and within those steps, what are the critical resources that get touched, labels that get touched. Those scenarios can declare a policy toward that particular test scenario.
- Discussions with Mario, Gary and FHIR-I re specific performance tests for Privacy, Security, Provenance, Security Labels and possibly Digital Ledger Technology
- Kathleen encouraged people to look at agenda for Wed Q3
- Josh to discuss progress on SMART on FHIR; timeline; CDS Hook
- Wed Q4: Continue TF4FA; could be made available to continue Q3
- Bernd presentation only allocated 20 minutes; will likely need an additional quarter; meant to be a full session
- Wed Q3
- FHIR Security call - Please review front matter
- Call ended.