This wiki has undergone a migration to Confluence found Here
HL7 FHIR Security 2018-04-24
Jump to navigation
Jump to search
Call Logistics
Weekly: Tuesday at 02:00 pm EST
Web conference desktop and VOIP https://www.freeconferencecall.com/join/security36 Online Meeting ID: security36 Phone: +1 515-604-9567, Participant Code: 880898 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
| Member Name | Member Name | Member Name | ||||||
|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-Chair | x | Kathleen Connor Security Co-Chair | x | Alexander Mense Security Co-chair | |||
| x | Suzanne Gonzales-Webb CBCC Co-Chair | x | Johnathan Coleman CBCC co-chair | . | Chris Shawn Security co-chair | |||
| . | Ali Massihi | . | Mike Davis | . | Nathan Botts Mobile co-chair | |||
| x | Diana Proud-Madruga | . | Joe Lamy AEGIS | . | Beth Pumo | |||
| . | Irina Connelly | x | Matt Blackman Sequoia | . | Mark Underwood NIST | |||
| . | Peter Bachman | . | Grahame Greve FHIR Program Director | . | Kevin Shekleton (Cerner, CDS Hooks) | |||
| x | Luis Maas EMR Direct | x | Dave Silver | . | Francisco Jauregui |
Agenda
- Roll;
- approval of agenda
- approval of HL7 FHIR Security 2018-04-03 and HL7 FHIR Security 2018-04-10 Minutes
- Announcements
- Next week is canceled, as are the week of the HL7 WGM and post WGM
- Johnathan specific guidance given a paper from ONC that might guide improvements to the security guidance
- Johnathan sends regrets
- KEY PRIVACY AND SECURITY CONSIDERATIONS FOR HEALTHCARE APPLICATION PROGRAMMING INTERFACES (APIS)
- Review Access Control section for improvement opportunities
- Action: everyone
- Continuous security testing and remediation
- Using off-the-shelf and open-source tools to simulate attacks, code inspection, and in other ways probe for vulnerabilities, and remediation of those vulnerabilities following Risk-Management methodology.
- All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
- Improvement beyond SMART scopes
- Patient Directed backend communication
- Oauth App Registration
- Certificate Management
- New business
ACTIONS
references
- stream for Security and Privacy discussions. Specification development, and Implementation.
- stream for Patient Empowerment. Discussions about empowering patients. Focus on deployment and advocacy.
- Proposed FHIR Connectathon track for Cologne -- GDPR
- Blockchain FHIR Connectathon
- Grahame is trying to find a community wanting to 'play' with blockchain. He is willing to standup the infrastructure.
- See blockchain zulip stream https://chat.fhir.org/#narrow/stream/blockchain
Minutes
- John Chaired
- minutes not reviewed
- announcements given
- Jim brought up the CDA issue
- This was an issue where CDA narrative, which holds HTML markup, was found to contain java script
- FHIR spec includes warnings on all narrative http://build.fhir.org/security.html#narrative
- Cologne agenda
- ACTION: John needs to identify the major activities
- Johnathan is only on for a short time. so we remind everyone to review the Access Control sections of both the ONC paper and the FHIR specification and come with improvement opportunities for the FHIR specification.
- We did recap the currently approved items -- see the gForge approved items
- Input validation
- TLS 1.2
- John has not applied changes, will do that when we get a few more approved
- We did recap the currently approved items -- see the gForge approved items
- Discussed "Right to be Forgotten"
- There are concerns being voiced about how deep one must go to delete data. Specifically must data about that data logged in the audit log need to be deleted.
- Differing but non conclusive perspectives.
- Concern that any ability to remove an entry from the audit log will put in question the integrity of the audit log. Thus the hope is that audit logs can be maintained and not be subject to "right to be forgotten"
- Alex notes that for Treatment in Austria and Germany have regulations that medical data MUST be preserved (30 years in Austra) and thus can't be "forgotten"... Secondary copies of the medical data could be subject to the right to be forgotten.
- Alex has question outstanding with his legal experts
- The FHIR Connectathon track on 201805 GDPR likely needs to point out exceptions for treatment purpose of use is different than other purpose of use
- There are concerns being voiced about how deep one must go to delete data. Specifically must data about that data logged in the audit log need to be deleted.
- Luis covered the connectathon track 201805 Direct/Certificates Track
- Note there is no presentation, there is just the details in the track wiki page.
- There is some discussion of these usecases within the closed DirectTrust membership
- Hope is that some of this might result in some improvements for our FHIR Specification
- Kathleen - how to handle legitimate relationship?
- In support of PurposeOfUse of Treatment, how is it know if this individual has a legitimate relationship.
- Luis points out that the general framework used today is backed by Covered Entity declaration. Thus a requesting organization with Covered Entity status request can be taken as legitimate. Similar to DURSA.
- Client Authentication JWT can contain claims of Covered Entity status.
- Note that IHE has a set of well-known JWT attributes -- see https://wiki.ihe.net/index.php/Internet_User_Authorization
- Adjourned 54 minutes
