Security and Privacy Tutorial 2012
Free Tutorial given at Baltimore 2012
This session will focus on how to apply security and privacy to the health IT standards. It will cover the basics of security and privacy using real-world examples. The session will explain how each phase of design needs to consider risks to security and privacy so that both are designed in, and it will describe mechanisms for flowing risks down to the next phase of design. In addition, it will cover the security- and privacy-relevant standards that HL7 has to offer, including: Role-Based-Access-Control Permissions, Security/Privacy ontology, ConfidentialityCode, CDA Consent Directive, Access Control Service, Audit Control Service, and others. These standards and services will be explained in the context of providing a secure and privacy-protecting health IT environment.
First Quarter
- Cookbook for Security Considerations -- John Moehrke
- HL7 gForge folder with resources http://gforge.hl7.org/gf/project/security/docman/?subdir=144
- Tutorial Presentation on the Security Risk Assessment Cookbook Version 7.7
- Formal Security Cookbook Paper Version 2.41
Second Quarter
- HL7 Security and Privacy DAM and Ontology -- Bernd Blobel
- Security Access Control -- Mike Davis
- PASS: Privacy, Security and Access Services -- Don Jorgenson
- CDA Consent DSTU -- Trish Williams