This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

August 14, 2018 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Back to Security Main Page


x Member Name x Member Name x Member Name x Member Name
. John Moehrke Security Co-chair . Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis x David Staggs
x Diana Proud-Madruga x Francisco Jauregui x Joe Lamy . Greg Linden
. Rhonna Clark . Grahame Grieve . Johnathan Coleman . [mailto: Matt Blackman, Sequoia]
. Mohammed Jafari x Jim Kretz . Peter Bachman x Dave Silver
. Beth Pumo . Bo Dagnall . Riki Merrick . [mailto: Julie Maas]

Joe L, Mike, chris shawn dave s, david stags, diana, Francisco, jim K


  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of:
  3. (5 min) GDPR whitepaper on FHIR update - Alex, John, Kathleen
  4. (5 min) PSS Review and Vote Cross Paradigm Interoperable Implementation IG PSS
  5. (5 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
  6. (10 min) PASS Audit post ballot reconciliation document update - Mike
  7. (05 min) TF4FA Trust Framework Volume 3 (placeholder) - Mike, Chris
  8. Is Privacy Obsolete - Mike
  9. (05 min) Placeholder: HL7 WGM Baltimore planning

Back to Security Main Page

Meeting Minutes (DRAFT)

Chair: Chris Shawn

Roll taken, no additions made to agenda

GDPR whitepaper on FHIR update

  • Link to Rene Spronk's GDPR presentation: password GDPR (4 capitals) approx. 30 min long.
  • highly recommended by Mike Davis

PSS MOTION made: For Security to be a co-sponsor for PSS linked as presented (Suzanne/MIke) objections: none; abstentions: none; motion approved: 10

TF4FA Ballot reconciliation MOTION: To approve block of TF4FA ballot comments 25-41 (Suzanne/Mike) objections: none; abstentions: none; motion approved: 10

  • Sub-Groups meeting earlier on Tuesdays,
  • Comments 42-51 ballot resolutions completed today

PASS Audit document update

  • No update on AUDIT

TF4FA Trust Framework - Volume 3

  • Met this week to discuss; understand that there is a great deal of interested in Provenance
  • reviewed by Kathleen with complements
  • plan to present document update at the September WGM, balloting in January
  • added to WGM, Security-CBCP Q3/Q4 MON joint session
  • Document will be put out to Security and CBCP listserve as soon as we can for review (pre-ballot)
  • presented major graphics at the Security WG, its a matter of filling in the content
  • no questions

Privacy Obsolete

  • Plan to present results at the WGM,(added to the joint agenda CBCP-Security MON Q3/Q4 joint meeting)
  • there is a tremendous amount of information being gathered (enough for 3+ years)
    • trying to narrow it down and make resources available
    • We have to make some tables that summarize the principal vectors that we were looking at
      • i.e. technology, policy viewpoints
    • we will most likely not have a definitive conclusion, but information can be evaluated, its very specific to what country you're living (i.e.US:good luck, EU:better, etc)
  • Mike does not feel that its obsolete--that's what the paper will draw out, that there are a lot of challenges
    • PPT given at May 2018 meeting which will be very close to where we are at

Baltimore WGM Agenda

  • Added to TUE Q4 - Update TO PSAF Working Session to PSAF/TF4FA Volume 3 Working Session)
    • (Move from TUE Q1 (TF4FA - Volume 3) for additional discussion time)
  • DISCUSSIONS on major changes in FHIR (from experts) ; full quarter desired for overview discussion
    • discussion/report out of changes expected to see. Something in between FHIR for DUMMIES and FHIR for TECHNICAL discussion
    • Drill down of activities
  • suggest to add to (TUE Q3 entire quarter)


  • Mike mentioned that a few folk have been close to the TEFCA;
    • add discussion around TEFCA; anticipating that ONC will put something out/next version (suggested:
    • TEFCA update; more than what does TEFCA and its acronym mean...
      • in the US the Feds have been involved in their own Working Group to make TEFCA recommendations and express concerns
      • if we have an opportunity to talk to that; (more than 10 minutes)
    • schedule a Q on TEFCA; invite ONC, VA, IHS, CMS, SSA, DoD (US Federal Agencies)
      • issues around the TEFCA that is of interest to HL7
  1. finishing up of POU; current TEFCA has defined POU, but is different.... some states have need for Emergency access/not currently authorized, which is not part of TEFCA; HL7 needs to do a better job of promoting...making TEFCA standards based and not 'made up' by verticles (TEFCA has its own, VA has its own, DURSA has its own); we want to coax ONC into adopting the HL7 standards;
  • because we are very willing to put into th voca into the vertical; Sequoa, CommenWell or whomever


  • OASIS Update to XSPA-SAML (add to Q3 Q4 joint) as part of international standards

Motion to Adjourn: (Suzanne) Meeting adjourned at 1234 Arizona Time --Suzannegw (talk) 15:35, 14 August 2018 (EDT)