February 23, 2016 Security Conference Call
Back to Security Work Group Main Page
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
| x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Dave Silver | |||
| x | Mike Davis | . | Ioana Singureanu | x | Mohammed Jafari | |||
| x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
| x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
| x | Rick Grow | . | Paul Knapp | . | Debbie Bucci | |||
| x | Glen Marshall, SRS | . | Bill Kleinebecker | x | Christopher Shawn | |||
| . | Oliver Lawless | x | Mayada Abdulmannan | . | Serafina Versaggi | |||
| x | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
| . | Christopher Doss | x | Kamalini Vaidya | . | [mailto: Stephanie Dyke ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) February 16, 2016 Security WG Conference Call Minutes
- ( 30 min) March 2016 Security WG Final Harmonization Proposals Approved
-Completed technical review, fixing the U.S. Privacy login and add to code system -Using set of codes to apply any patient preference to apply to policy
- Esures inclusion of Privacy Laws - International set to include exchange of information protection of privacy laws
- Adding new obligations using security labeling -Security Labeling is to notify recipient what to do classify and de-classify -Establishes the rules how to deal with security labels and to keep track of provenance
- Adding codes from Security and Privacy anthology
- ( 5 min) Privacy and Security by Design PSS discussion - John
- attending Architecture review board meeting -to submit detailed report after meeting ARB
- ( 5 min) Joint Vocabulary Alignment Update - Diana
-Shared at CBCC call - Reviewed life cycle names, and made adjustment to reduce confusion and ambiguity of names - life cycle events in 2889 and FHIR life cycle events - Audit events life cycles Diacom events - Q: Can we use Prolonged PM life cycle events on 2889?
- A: We can add but we can’t replace. CB’s are to be added to vocab
- ( 5 min) FHIR Security report out - John
- CBCC-Vocab Alignment between life cycle events between Security and Provenance -Activities: - the Verb that is being defined tabbed into the model, and output function - it generates content by the output functions - Content was successfully generated by the output function
- ( 5 min) PASS Audit Conceptual Model – Diana
- FYI: Call for papers for Provenance Week 2016 being held in WashingtonDC in June 2016. http://www2.mitre.org/public/provenance2016/index.html
Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda
= Minutes = Approved
- Consensus Approval of February 23
- Reviewed and approved final harmonization proposals
- Changes to SecurityCategoryObservationValue consent directive codes
- consolidation of consent directive codes into one code system
- Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue
- valueset to hold realm specific codes from all realms
- New Obligation Codes
- new obligation codes
- discussion that these are composable codes, and it is not clear how to use composable codes in the HL7 systems we have today that can only communicate a list of codes.
- Augment ProvenanceEvent Vocabulary
- Motion to submit to Harmonization with the understanding that further refinement: Kathleen/Glen: 0-0-14
- Changes to SecurityCategoryObservationValue consent directive codes
- EHR Lifecycle Discussion
MOTION made to approve the presented version: (Approved, need counts)
Privacy and Security by Design PSS discussion
- ARB is meeting tomorrow to discuss the PSS, Rick Grow will be in attendance for the discussion
- update to the PSS will be provided next week
