July 22, 2014 Security WG Conference Call
|x||Member Name||x||Member Name||x||Member Name||x||Member Name|
|x||Mike DavisSecurity Co-chair||x||John MoehrkeSecurity Co-chair||.||Trish WilliamsSecurity Co-chair||.||Bernd BlobelSecurity Co-chair|
|.||Chris Clark||.||Johnathan ColemanCBCC Co-Chair||x||Kathleen Connor||.||Duane DeCouteau|
|.||Reed Gelzer||.||Suzanne Gonzales-WebbCBCC Co-chair||x||Rick Grow||.||David Henkel|
|.||Mohammed Jafari||.||Don Jorgenson||.||Alexander Mense||.||Amanda Nash|
|.||Paul PetronelliMobile Health Security Co-chair||x||Diana Proud-Madruga||.||Harry Rhodes||x||Aaron Seib|
|.||Ioana Singureanu||.||Walter Suarez||.||Tony Weida||.||Paul PetronellimHealth Co-chair|
|.||Julia Chan||x||Steve Hufnagel||x||Gary Dickinson||.||.|
- (05 min) Roll Call, Approval of Meeting Minutes
- (10 min) Update: Way with Verbs - Project Scope Statement - Diana
- (10 min) Record Entry Lifecycle Event Metadata using FHIR Project Scope Statement - Gary Dickinson
- (10 min) Update: Patient Friendly Security and Privacy Language Project Scope Statement - Diana
- Comment from Jean Duteau: "We fail to see how the Consent Directive FHIR resource is part of the success criteria given that there is no mention of FHIR work in the project scope. As well, we thought all FHIR resource work had to go through the FMG and there is a separate project form for those."
- (10 min) Review of FHIR dispositions - review/discussion - ongoing
- (05 min) Other business, action items, and adjournment
Approval of Past Meeting Minutes
- Meeting minutes from July 15 were unanimously approved.
Project Scope Statement - EHR/Security vocabulary alignment
- Mike suggested to change instances of “verb” to “operation-object pairs,” since we would have both ABAC and RBAC covered by aligning those words.
- Steve suggested adding the following statement: “where the objects are record entries.”
- Steve observed how the security folks and the EHR folks are agreeing, but approaching things from a different perspective. EHR’s record entries could be FHIR resources.
- Mike stated that the end result of this project should be strong alignment of a type vocabulary.
- Gary said that the EHR Interoperability working group would work on the final details of the PSS at its meeting next Tuesday, July 29.
MOTION PASSED - Unanimous approval of the scope and criteria of the EHR/Security vocabulary alignment PSS
Project scope statement - Record Entry Lifecycle Event Metadata using FHIR
- Kathleen said that the EHR Interoperability working group should not, in this PSS, change the resources related to Security or the CBCC Provenance work (security labels, security events, etc.), and ensure that this project does not take ownership of changing those resources.
- In response to Kathleen’s statement, Diana resolved to remove the parentheses containing “include provenance-related metadata” in the first sentence of the PSS.
MOTION PASSED - Unanimous approval that the issue raised about this PSS has been satisfactorily resolved