This wiki has undergone a migration to Confluence found Here

January 25, 2011 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Security Working Group Meeting

Back to Security Main Page

==Attendees== (expected)

Back to Security Main Page


  1. (05 min) Roll Call, Approve Minutes & Accept Agenda
  2. (15 min) Discussion (continued)

Jon Farmer's comments as received in e-mail on January 4, 2011: I see it as relevant to both Security and Privacy as follows:

  • Impacts on both Security and Privacy
    • the proposal that we embrace a "Digital Rights Management" and "intellectual Property" paradigm; including the proposal to represent protected EHRs with MPEG-21
    • the proposal to utilize existing tools and reference models.
    • proposal to re-represent some ontology constructs such as convert permission subclasses to individuals
  • Impacts on Security:
    • proposal to utilize an existing standard RBAC framework, which is purported to be equivalent to ours.
  • Impacts on Privacy:
    • the proposal to use an existing "rights expression language" if the suggestion is to use it for data consents.

  1. (5 min) Other Business

Action Items

  1. (Suzanne) Update RBAC Permission Catalog document (to correct version containing DRG paragraph) on the HL7 site
  2. (attendees) Review ballot comments being submitted by Andre Carrington to the ITS Group
  3. (John M) HL7 Security Risk Assessment Cookbook; proceeding to adoption in HL7

Back to Security Main Page