October 11, 2011 Security Conference Call
Security Working Group Meeting
- Bernd Blobel Security Co-chair, absent
- Bill Braithwaite, MD
- Kathleen Connor
- Ed Coyne
- Mike Davis Security Co-chair
- Jon Farmer
- Suzanne Gonzales-Webb CBCC Co-chair
- Roll Call, Approve previous meeting minutes, Accept Agenda
- Inclusion of International Security Members Addition of call or updating one call a month to a more agreeable international time?
- Security and Privacy Ontology work Tony Weida, Ed Coyne (?)
- Increase active role in ‘’Refactor of Confidentiality Codes’’ a CBCC-sponsored project – Should this topic be discussed during the Security meeting or should discussions be limited to CBCC meetings? The project is intended to be joint work—CBCC is sponsor.
- EHR Functional Model Assistance requested in closing the Security-related comments on the EHR Functional Model ballot; on how they want their catalog to be used.
- S&I Framework Discussion of any overlap.
- Data Segmentation (note there is call overlap, John Moehrke will be attending this call)
Roll Call, Approve previous meeting minutes, Accept Agenda
Inclusion of International Security Members
Add additional call or update one call a month to a more agreeable international time?
- Proposal 1: add an additional call per month (or bi-weekly)
- Proposal 2: or change one of the regularly call to a time that is more convenient for the international people
- 9-10AM EST (Mike is looking at his notes on this)
- Doodle poll as to what are acceptable times?
ACTION ITEM: Mike will try to send a Doodle Poll out for members to vote on proposed suggestions.
DISCUSSION: We will review the results of the doodle poll to see the most convenient time available/suggested—we may end up losing regular members if we decide to change one meeting a month, but there is consensus that we need to accommodate different times zones. We need to keep the two groups (regular Tuesday attendees and International members in sync. QUESTION: What is the number of West Coast attendees vs. International people who might attend? We know we have Jaime (Spain), Bernd Blobel and others (Finland, Switzerland, Australia, Japan), so there are a fairly significant number of members that would be willing to attend if there was a better time scheduled
Security and Privacy Ontology work - Tony Weida
to be added
Increase active role in Refactor of Confidentiality Codes’’ a CBCC-sponsored project – Should this topic be discussed during the Security meeting or should discussions be limited to CBCC meetings? The project is intended to be joint work—CBCC is sponsor. We need to answer the question: How are implementers supposed to use this? (add link see Mike’s paper )
- Incorporate the use case – manage, assign, receive when then get confidentiality codes; these need to be further defined in the Security-Privacy DAM (one of the project scope deliverables for the Refactor Confidentiality Code project)
intended to be joint work between CBCC and Security.
- ACTION ITEM: consider amending the refactor project scope or create a new project for the security portion. Where the obligations be carried will be different---they are a metadata of the transaction; further discussion (meta data vs. payload) needed. This piece is also missing from the Security-Privacy DAM. Also, between ontology and other vocabularies in the DAM that need to be enumerated in the US-realm. Have a catalog of existing code-sets that relate to the DAM and inspect and see if they are useful/restricted to the US Domain. Between that work and code-sets and confidentiality codes this will not perform surgery in those code-sets…some of this is also being done in the ontology work. (ontology work—international or US realm? Currently restricting to US to start, but would like to expand to international)
EHR Functional Model Assistance requested in closing the Security-related comments on the EHR Functional Model ballot; on how they want their catalog to be used. John Moehrke is looking for volunteers to walk through the public comments--to assist EHR WG dispose of these comments. Entails a few meetings, accept/modify the comments and return information to the EHR WG with results. Please contact: John Moehrke (Kathleen has volunteered to assist)
- Meta-data for EHR functional model; project on meta-data criteria for HIE
Presented to EHR WG but unsure if a formal project has been established. (Relation to HHS-ONC…xxx information.)
S&I Framework – (discussion item) overview report to make sure we are all on the same page with other work going on. Discussion of any overlap.
Data Segmentation (note there is call overlap, John Moehrke will be attending this call)