This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

August 21, 2012 Security Working Group Conference Call

From HL7Wiki
Jump to navigation Jump to search

Security Working Group Meeting

Back to Security Main Page

Attendees

Back to Security Main Page

Agenda

  1. (10 min) Roll Call, Approve August 14, 2012 Security Working Group Conference Call Minutes & Accept Agenda
  2. (30 min) September WGM Agenda – Presiding Cochair
  3. (10 min) Update on demonstration of ONC Data Segmentation for Privacy pilot led by VA/SAMHSA at HL7 – Mike Davis
  4. (10 min) Other Business, Agenda for Next call, Action Items, and Wrap Up

Minutes

  • RE: Approval of Minutes and Agenda – Presiding Cochair, Mike Davis, asked for approval of the minutes and agenda. Bill moved; John seconded. Minutes and agenda approved (0-0-4)
  • RE: WG reviewed and updated the proposed agenda. Changes include:
    • Addition of Tuesday Q5 session for DS4P pilot discussion
    • Planning for joint meeting with EHR WG on HL7 EHR Functional Model Security and Privacy terminology and alignment with recent ISO 1441 EHR Security and Privacy Functional Model
    • Data Segmentation Strategies for Legacy Systems presentation by FM cochair, Mary Kay McDaniel (Cognosante) Thursday Q2
    • Security WG 3-Year Plan – WG will review the status and go-forward deliverables, milestones, and timelines for all projects, including which to fold into the SSOA project
    • Security WG Free Educational Session Wednesday Q3-4, which is noted in the HL7 Baltimore site brochure on page 13:
      • This session will focus on how to apply security and privacy to the health IT standards. It will cover the basics of security and privacy using real-world examples. The session will explain how each phase of design needs to consider risks to security and privacy to best design security and privacy in; and mechanisms for flowing risks down to the next phase of design. In addition, it will cover the security and privacy relevant standards that HL7 has to offer including: Role-Based-Access-Control Permissions, Security/Privacy ontology, ConfidentialityCode, CDA Consent Directive, Access Control Service, Audit Control Service, and others. These standards and services will be explained in the context of providing a secure and privacy protecting health IT environment.
  • RE: Update on demonstration of ONC Data Segmentation for Privacy pilot led by VA/SAMHSA at HL7 – Mike reported that
    • ONC and HL7 are working on a joint press release
    • The demonstration would be announced during one of the main meal events
    • There will be ongoing demonstration in a booth in the registration area atrium, which will be open to non-registrants as well as a Q5 session for in depth discussions
    • Ted and Mike discussed communication collateral resourcing

The WG discussed outreach to key stakeholder groups including the HITPC and HITSC, NCVHS, OCR, and Patient Privacy Rights Advocacy groups. Bill offered to contact principals with these groups. WG will discuss outreach activities during the August 28th Security WG call.

  • RE: Other Business, Agenda for Next call, Action Items, and Wrap Up

Meeting adjourned at 2:00 PM Eastern

Action Items

  • RE: DS4P demo logistics: Mike is on point for session planning, PR, and communication outreach and collateral
  • RE: DS4P demo outreach: Bill is on point for outreach to key constituencies
  • RE: WGM Agenda: Kathleen will update agenda based on call discussion for review on next call

Back to Security Main Page