March 9th, 2010 Security Conference Call

Security Work Group Weekly Conference Call

Meeting Information

Attendees

Agenda

  1. (05 min) Roll Call, Minutes March 2, 2010 & Call for Additional Agenda Items
  2. REPORT OUTS
    • (10 min) RSA Conference
  3. ACTIVE PROJECTS
    • (10 min) Security and Privacy Ontology project
  4. (40 min) Harmonized Privacy and Security DAM Peer Review

Announcements

Security & Privacy Ontology Scope Meeting Info

Thursday Mar 11, 2010 5 PM – 7 PM EST (2 PM – 4 PM PST)

Minutes

1. Action Items

  1. Serafina: consolidate comments onto a single Peer Review form
  2. Ioana:
    • provide initial disposition for review with team in subsequent meetings
    • Investigate creating Visio version of the model diagrams
  3. Team: review DRAFT Harmonized Security & Privacy DAM in preparation for next week's meeting and provide comments to Serafina/Ioana by March 12 if you wish to and have not already done so

2. Resolutions

To meet the target dates for the May ballot, the joint Security/CBCC Work Group meeting will dedicate one hour each week to address the harmonized Security & Privacy DAM issues so that all work group members have the opportunity to voice their input.

  • If the group feels more time is required to resolve issues, additional meeting(s) can be scheduled

3. Updates/Discussion

RSA Conference

  • The focus of this year’s conference was on threats and response to threats, reflecting reaction to real-world, present-day security concerns. The conference was less application-security focused than network security focused
  • There was a lot of government representation this year: Directors of the FBI and Homeland Security were some of the keynote speakers
  • In the past, the conference had more of a forward thinking flavor – what is the next technology
    • Two tracks that traditionally have been part of this conference, Secure software development and Identity and Access Management, were missing, indicating that interest in those areas has either declined or has become more mature. There were only two presentations in these areas this year
    • Mike and David Staggs gave a presentation related to the security implications of the joint project between the VA and Kaiser Permanente in San Diego which was very well received
    • That demonstration included the use of SAML, XACML & WS-Trust supporting use cases for the enforcement of clinical roles, emergency access and patient consent directives
    • Mike and David also participated in an OASIS demonstration that included the Department of Defense, IBM, Oracle/Sun and Jericho Systems. This demonstration advanced the work done in 2009 at the HIMSS conference. This year’s demo included use cases that extend the HITSP work and allowed vendors to demonstrate that they can assert the XSPA WS-Trust health care profiles, which advances XSPA WS-Trust as a standard. The OASIS profiles include the HL7 Permissions Catalog
    • The major theme of this conference was Cloud Computing – everyone had Cloud Computing in the title of their presentation. The Federal government is approaching Cloud Computing cautiously with concern about the security implications
    • OASIS also demonstrated the utility of security and privacy protection for genomics indicators included in an NIH database called the genome-wide association studies (GWAS) – see footnote below for more information on GWAS
    • The security system was adaptive as well, meaning that as new indicator pairs are identified and come into the database, the system recognizes them and applies the privacy rules to the new pairs

Security and Privacy Ontology project

  • Still trying to answer questions from the ArB and TSC about the intent of this project. A special meeting to address their questions has been scheduled for Thursday afternoon, 5:00 – 7:00 PM EST (meeting details below for anyone interested in joining)
    • One of their questions is “what are we doing with decision support?” since we identified decision support as one area. The answer to that question is that decision support is one of the use cases we’re using security ontology for; we’re not trying to do decision support specifically.
    • If there are significant changes to the scope statement, we’ll have to take it back to the Steering Division, so we’re hoping to be able to address their questions successfully

Harmonized Privacy and Security DAM Peer Review

  • Steve had submitted a suggestion to the listserv for changing the process for this review. Steve’s feeling is that the process for submitting peer review comments to Ioana which are then incorporated into a new version and then posting that revised version for review will take considerable time to get us to a ballot-able artifact
    • His proposal is to have a sub-group or task force meet separately from this meeting to discuss the details of the model
    • John agreed, indicating that he was in favor of more elaborate discussion with the group, and if this is a motion, would second the motion
    • Steve made a motion to create a meeting separate from the WG meeting, where interested parties can discuss the harmonized Security Privacy DAMs
    • John seconded the motion and added that the result of those meetings should be summarized, not in excruciating detail, during the regular Security WG meeting for those who are unable to attend the additional meeting
  • Following the motion, Mike called for discussion before taking a vote. The Security Work Group call is the appropriate venue for technical work that is the focus of this and the CBCC committees. John concurred that this meeting is preferable to scheduling a separate and additional session
  • Ioana reiterated the Peer Review process. A few people have submitted comments, mostly as annotated versions of the document rather than using the Peer Review form. This creates additional clerical work (to transfer comments onto a single Peer Review form) and makes the process a bit less efficient. The form is designed to consolidate all reviewer comments so that a disposition can be assigned to each comment. Comments/dispositions are reviewed during Work Group meetings. Many comments (typos, etc.) are trivial, but for those where further discussion is required, the process is an attempt to make comment review more efficient, not to inhibit input
    • Ioana wanted to assure the group that by using this process, it allows those who have not submitted comments themselves to review what others have submitted. Where the comment is not trivial and the disposition not obvious, part of the disposition process is to ask questions. Ioana does not attempt to substitute her own judgment. If something changes the intent of the document it has to be discussed by the group
    • Mike supports the Peer Review approach and says it provides an additional advantage by documenting the issues that were brought up and how they were resolved. This documentation is useful to others who were not part of the process
  • The motion was amended by Mike to dedicate the first hour of the regularly scheduled joint Security/CBCC WG call on Tuesdays to conduct the technical work required to complete the harmonized DAMs in order to meet the intended May ballot. If additional meetings are necessary to make that target, we can schedule additional meetings
    • Mike asked whether the co-chair of CBCC had any objections to the amendment. Suzanne agreed to the amendment
    • Motion seconded by Steve
    • This issue does not really require discussion since the effect is to conduct the usual work of these work groups. But given the discussion and the original motion, we took a vote:
    • Vote: 12/0/0
  • The agenda for next week will include one hour dedicated to address the comments that have been disposed by Ioana
  • Ioana requested some time during the last 15 minutes of today’s meeting to address some questions that were submitted by Milan Petkovic
    • Should we have a single diagram containing all the classes in a single view? Ioana was hesitant to create such a large diagram because it becomes unwieldy
      • Mike (and others in the group) think yes, and Mike was under the impression there would be such a diagram as it would be beneficial to see all of the classes in a single diagram providing there is an ability to depict the individual views (Security and Privacy) as well – more of a logical binding than a real one
      • In addition, Mike asked if it's possible to create a Visio version of the class diagram because he would like to be able to manipulate the diagram and submit those edits as comments. Not everyone has the modeling tool used to create the model. Ioana will import the model into Enterprise Architect which has a Visio plug-in and will produce a Visio version
    • Another question raised by Milan based on the Consent Directive diagram: Since the information model covers consumer privacy preferences, how can a consumer specify that certain individuals may or may not have access to their health record? This comment is specific to the Privacy Policy structure overview diagram, which only has a relationship between PrivacyRule and Role. Given that model, how can you express that only certain individuals can access a client’s personal health record since there is no relationship between PrivacyRule and User?
    • Ioana responded by saying this is supported by the information model, but this question raises a point. The policy itself does not allow you to specify use by name, but the Consent Directive does. The original Privacy DAM contained object diagrams showing specific instantiations of the model – specific instances of privacy policies and consent directives that show how the model could be instantiated (the classes are replaced by objects). In creating the harmonized DAM, the object diagrams were dropped. Should the object diagrams be included, and should we add new ones for the security policy?
    • The Consent Directive Overview Diagram (figure 10 in the Composite Privacy Domain Analysis Model Version 1 Release 2 DSTU) contains the user identity
    • Ioana will restore the object diagrams in a revised version


Footnote:

GWAS: A Genome-Wide Association Study is an approach that involves rapidly scanning markers across the complete sets of DNA, or genomes, of many people to find genetic variations associated with a particular disease. Once new genetic associations are identified, researchers can use the information to develop better strategies to detect, treat and prevent the disease.

  • The National Institutes of Health (NIH) is advancing genome-wide association studies (GWAS) to identify common genetic factors that influence health and disease.
  • To facilitate broad and consistent access to GWAS datasets, the NIH has developed a central NIH GWAS data repository at the National Center for Biotechnology Information (NCBI), National Library of Medicine. The repository provides a single-point of access to basic information about NIH-supported GWAS and to available genotype-phenotype datasets for GWAS.
  • The potential for public benefit to be achieved through sharing GWAS data is significant. However, genotype and phenotype information generated about individuals, such as data related to the presence or risk of developing particular diseases or conditions is sensitive. Therefore, protecting the privacy of the research participants and the confidentiality of their data is critically important. The NIH has established on-going mechanisms to oversee GWAS policy implementation across the agency and to monitor whole genome association data use practices.
  • To ensure the security of the data held by the repository, the NCBI will employ multiple tiers of data security based on the content and level of risk associated with the data. The NIH will establish and maintain operating policies and procedures for the repository to address issues including, but not limited to, the privacy and confidentiality of GWAS research participants, the interests of individuals and groups, data access procedures, and data security mechanisms.


Meeting was adjourned at 2:00 PM EST