
March 10th 2009 Security Conference Call


Security Working Group Meeting

Attendees (expected)



Agenda and Minutes (DRAFT)

  1. (05 min) Roll Call
  2. (05 min) Approve Minutes & Accept Agenda
  3. (30 min) Operations Spreadsheet comments - Mike Davis

(concern) 'Mixed concept' within the spreadsheet - Mike's table is a table of verbs; there is no problem adding more terms outside of 'CRUDE', but it needs to make sense to do that. [Updated Operations Spreadsheet - need from Tony W] - Tony Weida

There are several dualities in the spreadsheet

  • We have two views on the spreadsheet:
  1. operations on the object (which is what security is interested in)
  2. operations on attributes (changing the status of an object attribute)

Status modification should be placed under 'update'. CRUDE is a known taxonomy; if we place terms under CRUDE… I would be most interested in those things 'not' placed under CRUDE (or CRUDEA)

Let’s stay with the ANSI-INCITS definition: object: passive entity…

  • So, if I give someone permission to cancel, I am giving them permission to cancel… 'the real world' meaning the actual …

Currently: (Pat) the things on the list are workflow and would not be seen as part of a patient consent request. Patient would want to In the patient Consent: can you read, can you write… that's what it boils down to. When a patient says 'I don't want x-person to see or read this portion of my record…'

We will need to address the dualities, if the patient is expressing control

The spreadsheet is to be seen as an operation code system. The terms will not necessarily all be used together. Suggestion: map the privacy terms and the security terms into this spreadsheet. If you want to focus on just the RBAC, then you can create a value set of CRUDEA, then you would include those. If you want to address privacy and consent and you want to categorize usage and disclosure, you can look at the

Creating suitable value sets, mapping. Define the terms so that they are shared, so that we don't have to map everything to everything.

The use of the terms here are descriptive terms that are overloading primitives here with the name of a policy. Includes who the person is who is involved in the disclose—which is part of the policy. Disclosure (collection, use and dis..) these are the 3 privacy terms that are understood for privacy and consent.

  • disclose – definition:
  • collects
  • use

10:45 –

Agreement: modify status is a revision… Proposal: to swap revise and update. Revise is defined as being a revision (not clear) update is clear- results; update is the primitive and revise is a subset of that

Note the consumer of this vocabulary

Goal: Ballot update. What do we need to update for the Security 'and Privacy' for the upcoming ballot in September? If these are not directly linked to the consent directive then they should be put aside—continue to work on them but concentrate efforts on the things we need to have for the ballot update.


Action Items

Need to separate which area(s) of the spreadsheet are part of the Security-CBCC Joint project and which is vocabulary solely in the CBCC domain.
