This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

HL7 FHIR Security 2016-01-05

From HL7Wiki
Jump to navigation Jump to search

Back to HL7 FHIR security topics

Attendees

Member Name Member Name Member Name
x John Moehrke Security Co-Chair x Kathleen Connor x Suzanne Gonzales-Webb CBCC Co-Chair
x Gary Dickinson EHR Co-Chair Johnathan ColemanCBCC Co-Chair Judy Fincher
Reed Gelzer RM-ES Lead Glen Marshal Galen Mulrooney
Dave Silver x Rob Horn [1]

Agenda

  • Block Vote -- review any items that people requested withdrawn.
    • Kathleen requests 7568and 9051removed for more discussion
  • Kathleen continue to discuss progress with http://wiki.hl7.org/index.php?title=HL7_FHIR_Provenance_Resource&section=4 with John's help on importing V3 vocabulary mechanism in the FHIR build
  • Review John's addition to the FHIR wiki on the page that tells editors how to create a Resource. a discussion on Provenance and W5. and pass links to group including Gary
  • Review John's update on noted descriptions in AuditEvent need yet to be fixed up regarding participant->agent, and object->entity.


Block Vote

  • 8803 Provenance for a subset of a resource (Chris Grenz) Not Persuasive
  • 8827 Signature datatype does not include counter-signature type (John Moehrke) Not Persuasive
  • 9051 Remove AuditEvent.participant.role binding to http://hl7.org/fhir/ValueSet/dicm-402-roleid. Bind this value set to AuditEvent.particpant.userid (Kathleen Connor) Not Persuasive
  • 9037 Security page should recognize HEART (John Moehrke) Persuasive
  • 7563 2015May core #854 - Expand on how to use Provenance (Kathleen Connor) Persuasive with Mod
  • 7567 2015May core #858 - Provenance isn't sufficiently aligned with w3c spec (Kathleen Connor) Persuasive with Mod
  • 7569 2015May core #860 - Clarify relationship agents and entities used in activity (Kathleen Connor) Persuasive with Mod
  • 7570 2015May core #861 - Clarify relationship agents and entities used in activity (Kathleen Connor) Persuasive with Mod
  • 8790 Give guidance on AuditEvent that codes don't need DisplayName populated (Paul Knapp) Persuasive with Mod
  • 9078 HTTP Caching Warning for FHIR GET REST services (Kathleen Connor) Persuasive with Mod

Ongoing CP Dispositions

  • 9176 Security-Labels page for _confidentialiy points at all "Confidentiality" codes, not just _confidentiality. (John Moehrke) None
  • 8638 how does Provenance work when deleting records (Grahame Grieve) None
  • 9150 Provenance TODO section cleanup (John Moehrke) None
  • 9151 AuditEvent has TODO section to be removed (John Moehrke) None
  • 9166 Break-Glass method defined doesn't include AuditEvent effect. (John Moehrke) None
  • 9167 AuditEvent needs to make more obvious how to record a break-glass event (John Moehrke) None

Low Priority (waiting for other work to complete)

  • 9036 Handling of meta values that should force version, such as security_labels (John Moehrke) None
  • 9042 Add RBAC as value set for AuditEvent.participant.role (Kathleen Connor) None
  • 9043 Add ABAC as alternative value set for AuditEvent.participant.role (Kathleen Connor) None
  • 9052 Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role (Kathleen Connor) None
  • 3318 Clarify how to use RBAC and ABAC using FHIR (John Moehrke) None
  • 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None

Minutes

Removed from the block vote with additional notes 7568 2015May core #859 - How are agent and activity linked? (Kathleen Connor) Not Persuasive

Updated 9051 with a note about other CPs bringing in RBAC, ABAC, and SNOMED vocabulary

Block vote: Kathleen Connor/Rob Horn: 4, 0,0

  • 8803 Provenance for a subset of a resource (Chris Grenz) Not Persuasive
  • 8827 Signature datatype does not include counter-signature type (John Moehrke) Not Persuasive
  • 9051 Remove AuditEvent.participant.role binding to http://hl7.org/fhir/ValueSet/dicm-402-roleid. Bind this value set to AuditEvent.particpant.userid (Kathleen Connor) Not Persuasive
  • 9037 Security page should recognize HEART (John Moehrke) Persuasive
  • 7563 2015May core #854 - Expand on how to use Provenance (Kathleen Connor) Persuasive with Mod
  • 7567 2015May core #858 - Provenance isn't sufficiently aligned with w3c spec (Kathleen Connor) Persuasive with Mod
  • 7569 2015May core #860 - Clarify relationship agents and entities used in activity (Kathleen Connor) Persuasive with Mod
  • 7570 2015May core #861 - Clarify relationship agents and entities used in activity (Kathleen Connor) Persuasive with Mod
  • 8790 Give guidance on AuditEvent that codes don't need DisplayName populated (Paul Knapp) Persuasive with Mod
  • 9078 HTTP Caching Warning for FHIR GET REST services (Kathleen Connor) Persuasive with Mod

Action Items