This wiki has undergone a migration to Confluence found Here

September 8th 2009 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Security Working Group Meeting

==Attendees== (expected)


  1. (05 min) Roll Call, Approve Minutes & Accept Agenda
  2. (05 min) HL7 Security Risk Assessment Document v2.1
  3. (35 min) Appeal to member on call to vote affirmatively on Permission Catalog work
  • Comment to be made on ballot (negative), regarding the need of authoritative sources on both the actions and objects. Adding sources would not be a major change (and we would not have to reballot. We should be consistent wit polocy and include these sources.
    • Operation defintions (current) were developed specifically for RBAC
      • Discovery of
  1. (15 min) Action items from last call
  • Negotiations use cases - informally agreed to document these use cases
    • human to human negotation (to be provided by Steve Connolly
    • human to machine negotiation (to provided by John Moehrke) i.e. override/break glass use case
    • machine to machine (fully automated, to be provided by Steve Connolly) set of policies some of which are jurisditional defaults/access control policies which need to combined in some certain way - which is IN SCOPE for our project

MOTION: Three use cases will be prepared that synthesize the discussion we have had about privacy policy. A collaboration of information will ensue.

  • John Moehrke and Steve Connolly will collaborate and provide the first draft.
  • The purpose of the use cases is to come to grips to a definition of negotiation and other concepts which may come out of it.

Amendment to Motion: To create a glossary of terms and small set of use cases Clarification of policy/scope of motion: access control policies such as: access disclosure, privacy policies, consent directive that have to do with access use. (i.e. related to patient privacy preference) VOTE: Objections/OPPOSE: 0; Abstain: 0 Affirmative/PASS: 16

Discussion: Negotiation from the patient perspective is an agreement is to accept and enforce the preferences that the patient is proposing. A legally binding agreement between the patient and the provider (provider =MD or the =Enterprise) or whether as ‘’obligated’’ by law as in emergency access.

The findings of the motion in defining negotiation may be an issue of semantics - negotiations vs. interaction. Per Rob McClure negotiation requires back-and-forth. What if patient says none of those choices are acceptable?

(Mike) If an organization offers up a choice and a patient can pick a, b, c. Patient says I want a, b. The organization comes back and says your choices have been accepted...this is still negotiation, an ending of this contract. I offer this, you take this' --there is an obligation to fulfill those choices, isn’t' that a negotiation

Mike – we have 3 use cases proposed which contain each of what you have mentioned. a. b. c. there is a hybrid case, and there is a use case for picking form the list and you can conceive the compound case. Rob McClure – Additionally, there is an approval that requires a human evaluation to propose a resolution. You offer a, b, c and I as the patient want d. I as a patient am coming forth as a request (I see as a policy) which is computable, the computer on the access control side I’m going to see if that’s acceptable to me and enforceable on my side—algorithmically resolved and computer accepts this as a policy, based on computable algorithm—I don’t consider this as a negotiation. MIKE – negotiation is between the patient and the organization, it doesn’t have to be human to human. the outcome is a contract. The patient has policies (or preference) which they are proposing and the enterprise has policies and the contract is what the patient is asking for and what the enterprise will accept. Don – the hit a point where there is a conflict between the patient preference and the organization policy and he was envisioning that this would be passed over a reconciliation or negotiation process that would have to involve a human… whether the human changes their preference it would require an algorithm that allows for the process to continue. This is what I believe where john m was expressing

Mike – we are limited by the law… ultimately the provider can accept or reject the patient’s request. If we have policy where the patient’s request dominates, that would require a more manual process where patient safety comes into play. A provider uncomfortable with this play, can say…you have to go somewhere else for your care.

Negotiation may be as simple as going to supermarket and an accepted price. It’s worth laying out the possible options.


  1. VOTE - Ballot Closes Monday, September 14th
  2. Provide comments to the above HL7 Security Risk Assessment Document to [ Suzanne] or have comments prepared for Security WG meeting in Atlanta. Note: Presentation accompanying document to be posted before the end of this week


There is a week remaining until Ballot Voting Closes, Monday, September 14th. Please be sure to vote before this deadline.

Voting Close Date – September 14 Voting for all pools closes on Monday, September 14 (end-of-day, midnight Eastern time). Please note that Ballot Pool sign up closed yesterday--September 07

Ballot Announcement

Ballot Desktop (will reflect any changes to ballot level

Action Items

Back to Security Main Page