CMHAFF call, Monday, April 17
Jump to navigation Jump to search
Attendees: Vanessa Batoon, Serafina Versaggi, David Tao
- Discuss next steps on HITRUST agreement and evaluation -- Serafina pointed out that there are many publicly available documents on the HITRUST website, that may be useful, while we deliberate over the CSF 8.1 (which requires limited license agreement)
- Since cMHAFF is a framework, we should consider if there is a particular risk assessment guideline that we can reference, rather than just saying "an accepted risk management framework." The HL7 Security Cookbook describes such a framework, but the way it's written, it's targeted not for software developers but rather standards developers.
- Review latest cMHAFF edits (ballot comment disposition textual changes). Vanessa made several suggestions, that David incorporated.
- Nathan will report back on North Carolina Department of Health use cases at the next meeting.
- The April 24 and May 1st meetings are cancelled. Next meeting will be May 8th (change: next is May 15, due to WGM in Madrid)
David uploaded the latest version of the document to the cMHAFF Wiki.