August 21, 2018 Security Conference Call
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | . | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair | |||
| x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | x | Mike Davis | . | David Staggs | |||
| x | Diana Proud-Madruga | . | Johnathan Coleman | . | Francisco Jauregui | x | Joe Lamy | |||
| . | Rhonna Clark | . | Greg Linden | . | Grahame Grieve | x | Dave Silver | |||
| . | Mohammed Jafari | . | Jim Kretz | . | Peter Bachman | . | [mailto: ] | |||
| . | Beth Pumo | . | Bo Dagnall | . | [mailto: ] | . | [mailto: ] |
Agenda
Meeting Recording: https://fccdl.in/td2yp1GXTh (temporary)
- (2 min) Roll Call, Agenda Approval
- (5 min) Review and Approval of:
- (5 min) GDPR whitepaper on FHIR update - Alex, John, Kathleen
- (5 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
- Meetings: Tuesdays, 11:00 AM Eastern; freeconference.com same as Security call
- TF4FA Ballot Reconciliation (wiki)
- Ballot Reconciliation Sheet_v20180724 for review offline
- Comments 42-50 up for vote (review if necessary)
- (10 min) PASS Audit document update - Mike
- (05 min) TF4FA Trust Framework Volume 3 - Mike, Chris
- Is Privacy Obsolete - Mike
- added to WGM agenda
- (05 min) Security Working Group - upcoming HL7 Working Group Meeting, Baltimore Maryland
- Additional Agenda items?
- DRAFT Agenda Link: http://wiki.hl7.org/index.php?title=September_2018_Security_Working_Group_Meeting_-_Baltimore,_Maryland_USA
Meeting Minutes (DRAFT)
Chair: Chris Shawn
Roll taken, agenda changes: none
Meeting minutes to approve:
- August 7, 2918 Motion for approval: (Suzanne / Kathleen)
Opposed: none; abstentions: none approved 7
- August 14, 2018 Motion for approval: (Suzanne / Kathleen)
Opposed: none; abstentions: none: approved: 7 Comment: If we are going talk to Federal Agencies, we should start the outreach now
GDPR White Paper on FHIR
- talked about this subject on the FHIR-Security
- chat-a-ton tract at the upcoming FHIR Connectathon
- for people at the Connectathon to come in and have a discussion with 'us' regarding GDPR
- additional--Alex is now completed with his holiday and will pick up where he left off with meetings; there was an ask to reinvigorate the text that has already been written
- there isn't significant work at the moment that has been completed, but hopefully more by WGM
- is GDPR white paper for here? Internationally?
- white paper to express capabilities integrated into FHIR which have an applicability relative to GDPR for security and privacy
- suspect portability will be touched upon, may integrate FHIRi but not much more to say about that now
- check, check no check the FHIR feature to security and Privacy? (Answer: Yes)
- additional questions/comments? none brought forward
TF4FA Ballot reconciliation Vote: 42-50 ballot comments Motion to accept the dispositions for comments 42-50 (date dispositions completed 8/14) Suzanne/Mike opposed: none; abstain: 1 (Joe Lamy); approve: 6
Please review 51-57 for voting next week spreadsheet link: https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)
PASS AUDIT post ballot document update
- no update
TF4FA Volume 3 Audit - in progress (it’s more about Provenance than anything else)… Volume 3 - Provenance
- Plan is to discuss during the September meeting, ballot in January
- because of work with both audit and trust framework volumes 1,2 - we have a shortage of resources
- hoping we will have more available beyond the already presented graphics
- general update at MON Q3/Q4 plus additional discussion during Security-only call during WGM
Privacy Obsolete
- declaring victory and wrapping up
- Facebook or Amazon or Twitter, the sage of GDPR is playing out
- at a point where we are not taking more input and write up what we have
Baltimore WGM Agenda
- not all engaged in FHIR Security; Mike would like JohnM to report out on the details/overview of FHIR-Security and Privacy - time to cover in detail at another Q
- Monday Q3/Q4 - small segment, high level what is security privacy in the context of FHIR (not deep)
- since Dave Pyke will not be available, the Tuesday Q3 will cover a deeper discussion of Security and Privacy FHIR capabilities, with Q&A, move forward plan in the upcoming 6-months or so; changes since STU3
- may record (no indicated technical constraints for the Baltimore meeting)
- John may be able to locate some FHIR Security (background) videos if anyone is interested
Additional Agenda items? none added for WGM or Teleconference
- topics: Kathleen will outreach to Trish, Alex for topics
Motion to adjourn (Kathleen) Meeting adjourned at --Suzannegw (talk) 15:39, 21 August 2018 (EDT) Arizona Time
