April 21, 2015 Security WG Conference Call
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| Mike DavisSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | ||||
| x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | . | Don Jorgenson | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | . | Tim McKay | |||
| x | Kathleen Connor | . | Ioana Singureanu | . | Mohammed Jafari | |||
| x | Suzanne Gonzales-Webb | Darrell Woelk | . | Galen Mulrooney | ||||
| x | Diana Proud-Madruga | . | Reed Gelzer | William Kinsley | ||||
| x | Rick Grow | . | Oliver Lawless | . | Paul Knapp |
Agenda DRAFT
- (05 min) Roll Call, April 07 Meeting Minutes
- Privacy and Security Architectural Framework (SOA) - Diana
- (10 min) Vocabulary Alignment Project - Diana/Reed
- Agenda for 2015 May Paris Meeting WGM (add link)
- (as time allows) FHIR disposition - review/discussion, ongoing agenda item
- (05 min) Other business, action items, and adjournment
Meeting Minutes
Approval of April 7 Meeting Minutes
The minutes from the April 7, 2015 meeting were unanimously approved. (objections:0, abstentions:0,approval:4)
Privacy and Security Architectural Framework (SOA) - Diana
Discussion primarily on Agenda for Paris Meeting (no update)
Vocabulary Alignment Project - Diana/Reed
- The project team discussed the distinction between how provenance support data and security audit data are included in records. Diana asked the provenance SMEs on the CBCC call (Johnathan and Kathleen) to confirm that provenance data is a part of the original record, whereas security audit data is not necessarily a part of the original record as this data is captured and maintained in audit logs. Johnathan and Kathleen agreed with the Vocabulary Alignment team's evaluation of the difference.
- Diana also asked Johnathan and Kathleen to clarify the distinction between a provenance audit and a security audit. Johnathan answered that there is no existing concept of a provenance audit. He added that provenance involves attributes about the origin of clinical information which are coupled and associated with the clinical information, whereas security audit is something that could be decoupled and detached, and is separate from provenance.
Agenda for HL7 WGM Paris WGM - John M / Suzanne
- John M will be creating draft/skeleton Agenda
- Agenda will be updated ad hoc up to the day of the Paris meeting
FHIR Disposition - John Moehrke
No update
FHIM update - Kathleen
The current focus is on development of a healthcare provenance model that could be specialized to address the provenance-related use cases (and their differing requirements and perspectives) for: ○ Research – where the provenance of provenance and research processes are key concerns ○ Clinical – where a Clinician or a Clinical Decision Support system need to evaluate confidence/authenticity/reliability of information for clinical decision-making ○ Records Management and Evidentiary Support – where the medical/legal issues related to provenance are key concerns and likely the perspective of most interest to AHIMA ○ Security – where audit, accounting of disclosure, and provenance-related access control are of key concern (e.g., only the author can access an unattested record entry) As a result, the HL7 Security WG, with CBCC WG as cosponsor, created a new project, PSAF Project 914.
Meeting adjourned at 12:28 PDT --Suzannegw (talk) 15:28, 21 April 2015 (EDT)
