This wiki has undergone a migration to Confluence found Here
June 13, 2017 Security Conference Call
Jump to navigation
Jump to search
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
. | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
x | Mike Davis | x | Suzanne Gonzales-Webb | x | David Staggs | x | Mohammed Jafari | |||
x | Glen Marshall, SRS | x | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
x | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | . | Galen Mulrooney | |||
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | x | Dave Silver | |||
x | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
. | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
. | Oliver Lawless | . | Ken Rubin | . | David Tao | . | Nathan Botts |
Agenda
- (2 min) Roll Call, Agenda Approval
- (4 min) Review and Approval of Security WG Call Minutes June 6, 2017
- (15 min) Review and approval of Madrid Minutes Chair
- (30 min) HIMSS 2017 Next Steps - Mike Davis
- (5 min) TF4FA Ballot Reconciliation update Review DOD Comments - Kathleen
- (5 min) FHIR Security Call - Please review front matter - John Moehrke
Minutes
- Please note: Q= Question and A = Reply/ or Answer to the question
- Chaired by John
- Agenda Approved (Kathleen, Diana)
- Approved: Security WG Call Minutes June 6, 2017 (Mike, Kathleen)
- Approved of Madrid Minutes Chair
- Alex is working on the draft of charter
- Minutes approved from previous week (Alex, Kathleen)
- HIMSS 2017 Next Steps - Mike Davis, Duane D.
- Last week we looked at the Cascading Oath and Patient consent Oath and UMA
- Duane went over Demo examples on clinical forms that the rule engines make decisions on
- Some decisions may require health data to be redacted such as in cases of research
- Drug Drug interactions would not be affected in redaction
- During clinical trials the patient data is identified within the research organization, but can also be redacted
- Three organization participating :
- 1) Vet Health Admin (custodian/primary provider)
- 2) Vet for Research project (Genetic Research) This week we are reviewing the research use case of the demonstration
- 3) MyHin
- VHA also has a clinical decision support group, unique as it can see all data
- includes drug interactions
- We do not do any access control based on rights
- We are doing read access for the clinical flow
- New Patient consent was reviewed for the purpose of use of research and diagnostic report
- the data navigates to FHIR payload
- Veterans for Research: When viewing the same patient for example will have the patients drug abuse would be redacted and a new authorization would be established
- Informed consent for treatment
- TF4FA Ballot Reconciliation update Review DOD Comments - Kathleen
- Kathleen: Review Mark Kramer discussion on negations to be reviewed
- Recommends we need more discussion on what happens in negotiation
- Domains may need to bridge their policies
- The consumers idea on trust need to be considered
- The services on negotiation are fundamental to trust framework
- comment 1 (John): We need to be clear on defining the negotiations between Domain communication
- the abstract and script should further explain that negotiation can iterate multiple times to result in a negotiation
- Q (1) John (Kathleen): Would it be in band or out band? How would it happen in a interoperabile way?
- A (1) to Kathleen Question (Mike): Not in conceptual Model
- Comment 2 (Mike Davis): The Negotiations are established agreements between the domains
- Mark may have an issue with how quickly the negotiation occurs
- However, defined parameters are defined, and Domains are identified
- Comment 3 (Kathleen): Under the title Trust Service, the Trust Framework provide technical and operational rules, and each services provided are through exchange of token.
- FHIR Security Call - Please review front matter - John Moehrke
- * A/I: Mike Davis will send the document to John with the links for the presentation to John to post to the FHIR Security Page to include in build