This wiki has undergone a migration to Confluence found Here

HL7 FHIR Security 2015-11-10

From HL7Wiki
Jump to navigation Jump to search

Back to HL7 FHIR security topics

November 10, 2015

Agenda and Minutes

  1. John updated the gForge items among the various parts
  2. Glen reviewed Security.html and security_lables.html page for improvement opportunities
    • Need to add a CP to cover discussion of security labels in light of discussion around change-tracking behavior allowed when the meta element is edited. Meaning there is allowance that meta can be revised without version change, yet some meta values changing need to be noticed.
    • Need to add a CP to cover current external work on Authentication, Authorization, and Consent -- Such as HEART. Today we only point at IUA and SMART. Need someone to offer specific new text with changes to existing text.
  3. John & Rob reviewed AuditEvent for improvement opportunities
    • Need recommendation on how to harmonize AuditEvent and Provenance.
      • John recommends that
        • the event element be flattened, putting all the sub-elements at the root of AuditEvent, similar to Provenance.
        • participant be renamed to 'agent' similar to Provenance
        • object be renamed to 'entity' similar to Provenance
        • event.purposeOfEvent be renamed to 'reason' similar to Provenance ??? Note I am not clear why Provenance has both reason and activity; would rather just see one element that supports all the vocabulary.
        • event.dateTime be renamed to 'recorded' similar to Provenance --- or should both be named 'now'?
        • object.lifecycle be renamed to 'role' similar to Provenance -- not really sure...
  4. Kathleen reviewed Provenance for improvement opportunities