This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

January 26th 2010 CBCC Conference Call - Joint Call with Security

From HL7Wiki
Jump to navigation Jump to search

Back to CBCC Main Page

Attendees

Agenda

  • Phoenix WGM Report Out
  • Additional agenda items

Minutes

  • CBCC Three Year Plan reviewed during Thursday WGM – low attendance
    • Richard will submit project scope statement for a health records bank project, slated for September 2010 ballot
    • Nothing else planned beyond Sept 2010 at this time
  • Security/Privacy DAM harmonization
    • This is to harmonize the DAMs, not the traditional way that HL7 thinks about harmonization which has to do with Vocabulary and the RIM
    • Purpose is to make sure we’re discussing the same concept when we’re talking about classes/attributes that appear in both DAMs
  • There are a number of sub-projects identified by PASS-Alpha where CBCC might provide the subject matter expertise and be the lead WG
    • Disclosure Accounting (Audit Services). Both PASS and Security WGs have punted on this but everyone agrees that the analysis needs to be done. EHR is an interested party. Scope statement has not yet been created. Output of this project would be a Platform Independent Model that deals with audit services (3 or 4 different services). Accounting of Disclosures would be one of the reports that Audit service needs to support. We don’t expect to have a standalone specification for Accounting of Disclosures
    • Privacy Policy Templates
  • Mission statement for CBCC WG updated
  • HL7 WGs’ response to the MU IFR
    • The mechanism for responding will be discussed in next week’s meeting
  • Pat brought up the question as to whether there should be a Privacy Assessment Cookbook, much like the Security Risk Assessment Cookbook?
    • These should be rolled together
    • Propose to use the same model for Patient Safety, if the Patient Safety WG agrees
    • Pat will review the cookbook to see how this can be accomplished
    • Lessons learned from the pilots can inform this process
    • A little different focus for privacy assessments than for security assessments, but these can be merged with the a little work
    • There are old copies of the Security Cookbook, but the latest versions have not yet been updated. Suzanne to post and send notification to the list
    • John will create an area on the Security Wiki and HL7 site to concentrate items related to Risk Assessment

Meeting adjourned at 2:20 PM EST