Call Logistics

Weekly: Tuesday at 05:00 EST (2 PM PST)

Web conference desktop and VOIP https://www.freeconferencecall.com/join/security36 
Online Meeting ID: security36
Phone: +1 515-604-9567, Participant Code: 880898
 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes 

Back to HL7 FHIR security topics

Attendees

Agenda

• Roll;
• approval of agenda
• approval of the HL7 FHIR Security 2017-03-28 Minutes
• All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
• Plan resolution of CR (see below)
• SMART engagement
• Setting up Test Plans for Security / Privacy topic
• New business?

Open Issues

The following are currently in Deferred state. Now to be worked on for STU4 (release 4):

Discuss

• 12501 Provenance.reason+and+Provenance.activity+should+be+CodeableConcept (Grahame Grieve) None
• 13015 Provenance+doesn%27t+follow+event+pattern+for+onBehalfOf (Lloyd McKenzie) None
• 13016 Provenance.agent.role+should+be+1..1 (Lloyd McKenzie) None
• 13012 Provenance.period+should+be+a+choice (Lloyd McKenzie) None
• 13143 "ambigious" should be "unambigious"

Assigned to John

• 12941 Security+Role+vocabulary+should+include+ISO+21298 (John Moehrke) None
• 9167 AuditEvent+needs+to+make+more+obvious+how+to+record+a+break-glass+event (John Moehrke) Considered for Future Use
• 12502 Provenance.agent.relatedAgentType+is+nonsensical (Grahame Grieve) None
  • Need feedback from Grahame. John to pursue. We did not intend to break
• 12660 HCS+use+clarification (John Moehrke) None
• 13011 The+value+set+for+security-role-type+is+broken+for+Provenance (Lloyd McKenzie) None
  • Need to get actionable feedback from Lloyd. John to pursue.
• 13013 Valueset+for+Provenance.activity+is+broken (Lloyd McKenzie) None
  • Need to get actionable feedback from Lloyd. John to pursue.
• 13014 Provenance.agent.relatedAgentType+doesn%27t+make+sense (Lloyd McKenzie) None
  • Need to get actionable feedback from Lloyd. John to pursue.

Assigned to Kathleen

• 10343 Three+additional+Signature.type+codes (Kathleen Connor) Considered for Future Use
  • need to work with some organization (e.g. HL7) to create three new vocabulary values. These vocabulary values need to be defined as OID values, because they are used in external standards that have a data-type of OID (i.e. XML-Signature). So they can't be text vocabulary, and they need to be fully OID.

Narrative improvements

• 10580 How+should+test+data+be+identified%3F (John Moehrke) Considered for Future Use
• 10581 something+should+be+said+about+de-identification (John Moehrke) Considered for Future Use
• 12462 Security%2FPrivacy+Module+page+should+explain+W5+realty+that+provenance+elements+in+other+resources+vs+use+of+Provenance+as+a+resource (John Moehrke) Considered for Future Use
• 12463 explain+relationship+between+Provenance+and+AuditEvent.+ (John Moehrke) Considered for Future Use
• 10579 New+Security+and+Privacy+%22Module%22+page+needs+content (John Moehrke) Considered for Future Use
• 11071 Improve+security+label+guidance+-+2016-09+core+%2390 (Kathleen Connor) Not Related
• 12939 Security+Role+vocabulary+should+be+mentioned+on+the+security.html+page (John Moehrke) None
• 13238 Add guidance on JSON signatures (Lloyd)

http://build.fhir.org/secpriv-module.html

Minutes

• Didn't start with quorum, so didn't review minutes
• Reviewed #13504 -- added to a future block vote
• Reviewed 13501 -- wait until the FHIR-I Event pattern is updated
• Reviewed 13238 -- John to write up similar text using JSON signature as we have for XML signature