August 21, 2018 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
x John Moehrke Security Co-chair x Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis . David Staggs
x Diana Proud-Madruga . Johnathan Coleman . Francisco Jauregui x Joe Lamy
. Rhonna Clark . Greg Linden . Grahame Grieve x Dave Silver
. Mohammed Jafari . Jim Kretz . Peter Bachman . [mailto: ]
. Beth Pumo . Bo Dagnall . [mailto: ] . [mailto: ]

Back to Security Main Page

Agenda

Meeting Recording: https://fccdl.in/td2yp1GXTh (temporary)

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of:
  3. (5 min) GDPR whitepaper on FHIR update - Alex, John, Kathleen
  4. (5 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
  5. (10 min) PASS Audit document update - Mike
  6. (05 min) TF4FA Trust Framework Volume 3 - Mike, Chris
  7. Is Privacy Obsolete - Mike
    • added to WGM agenda
  8. (05 min) Security Working Group - upcoming HL7 Working Group Meeting, Baltimore Maryland

Back to Security Main Page

Meeting Minutes (DRAFT)

Chair: Chris Shawn

Roll taken, agenda changes: none

Meeting minutes to approve:

  • August 7, 2918 Motion for approval: (Suzanne / Kathleen)

Opposed: none; abstentions: none approved 7

  • August 14, 2018 Motion for approval: (Suzanne / Kathleen)

Opposed: none; abstentions: none: approved: 7 Comment: If we are going talk to Federal Agencies, we should start the outreach now

GDPR White Paper on FHIR

  • talked about this subject on the FHIR-Security
    • chat-a-ton tract at the upcoming FHIR Connectathon
  • for people at the Connectathon to come in and have a discussion with 'us' regarding GDPR
  • additional--Alex is now completed with his holiday and will pick up where he left off with meetings; there was an ask to reinvigorate the text that has already been written
    • there isn't significant work at the moment that has been completed, but hopefully more by WGM
  • is GDPR white paper for here? Internationally?
    • white paper to express capabilities integrated into FHIR which have an applicability relative to GDPR for security and privacy
    • suspect portability will be touched upon, may integrate FHIRi but not much more to say about that now
    • check, check no check the FHIR feature to security and Privacy? (Answer: Yes)
  • additional questions/comments? none brought forward

TF4FA Ballot reconciliation Vote: 42-50 ballot comments Motion to accept the dispositions for comments 42-50 (date dispositions completed 8/14) Suzanne/Mike opposed: none; abstain: 1 (Joe Lamy); approve: 6

Please review 51-57 for voting next week spreadsheet link: https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)

PASS AUDIT post ballot document update

  • no update

TF4FA Volume 3 Audit - in progress (it’s more about Provenance than anything else)… Volume 3 - Provenance

  • Plan is to discuss during the September meeting, ballot in January
  • because of work with both audit and trust framework volumes 1,2 - we have a shortage of resources
  • hoping we will have more available beyond the already presented graphics
  • general update at MON Q3/Q4 plus additional discussion during Security-only call during WGM

Privacy Obsolete

  • declaring victory and wrapping up
    • Facebook or Amazon or Twitter, the sage of GDPR is playing out
    • at a point where we are not taking more input and write up what we have

Baltimore WGM Agenda

  • not all engaged in FHIR Security; Mike would like JohnM to report out on the details/overview of FHIR-Security and Privacy - time to cover in detail at another Q
    • Monday Q3/Q4 - small segment, high level what is security privacy in the context of FHIR (not deep)
    • since Dave Pyke will not be available, the Tuesday Q3 will cover a deeper discussion of Security and Privacy FHIR capabilities, with Q&A, move forward plan in the upcoming 6-months or so; changes since STU3
    • may record (no indicated technical constraints for the Baltimore meeting)
    • John may be able to locate some FHIR Security (background) videos if anyone is interested

Additional Agenda items? none added for WGM or Teleconference

  • topics: Kathleen will outreach to Trish, Alex for topics

Motion to adjourn (Kathleen) Meeting adjourned at --Suzannegw (talk) 15:39, 21 August 2018 (EDT) Arizona Time