This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

June 02, 2015 Security WG Conference Call

From HL7Wiki
Jump to navigation Jump to search


x Member Name x Member Name x Member Name
x Mike DavisSecurity Co-chair . Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
? Alexander Mense Security Co-chair x Ken Salyards x Christopher Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson . Tim McKay
Kathleen Connor . Ioana Singureanu . Mohammed Jafari
x Suzanne Gonzales-Webb Darrell Woelk . Galen Mulrooney
x Diana Proud-Madruga . Reed Gelzer x William Kinsley
x Rick Grow Oliver Lawless . Paul Knapp

Back to Security Main Page

Agenda DRAFT

  1. (05 min) Roll Call, May 26 Meeting Minutes
  2. (20 min) FHIR Trust Framework - PMAC Map - Mike Davis
  3. FHIR Contract Design Considerations - Kathleen
  4. (10 min) PASS Access Control Conceptual Model (SOA) - Diana, Don Jorgenson
  5. (10 min) Vocabulary Alignment Project - Diana/Reed
  6. (10 min) FHIR Contract, Consent Directive Discussion (tentative)
  7. (05 min) October 2015 HL7 WGM - Atlanta, Georgia USA - agenda items
  8. (as time allows) FHIR disposition - review/discussion, ongoing agenda item
  9. (as time allows) Other business, action items, and adjournment

Meeting Minutes

Approval of May 26, 2015 Meeting Minutes

  • The minutes for the May 26 meeting were unanimously approved.

FHIR Trust Framework - PMAC Map - Mike/Kathleen <<add link to PPT>>

  • Kathleen presented on the suite of FHIR Resources to support the PFL project, including the FHIR Questionnaire Resource, FHIR Questionnaire Answer Resource, FHIR Consent Directive Resource Profile, and FHIR Privacy/Security/Trust Policy Resource Profile.
  • Her presentation also included the following:
  • CBCC & Security WGs are already developing a FHIR CD Questionnaire/Questionnaire profile which:
    • Captures a signed patient consent directive in a form template developed by an organization and based on organizational and jurisdictional privacy policies
    • Is able to support very simple, high level or detailed, granular CDs ranging from:
      • A simple acknowledgement of a HIPAA Notice of Privacy Policy
      • An HIE opt-in/opt-out CD such as that supported by BPPC
      • A multipurpose complex CD such as the VA’s eConsent form
    • Able to conform with Patient Friendly Consumer Interfaces IG
    • Used to populate the current FHIR CD Policy profile

PASS Access Control Conceptual Model (SOA) - Diana

  • Diana is going to meet with Don Jorgenson this afternoon to discuss this project.

Vocabulary Alignment - Diana

  • Delving deeper into diagrams that are available on the W3C Provenance data model website.
    • Using the diagrams and vocabulary to help clarify relationships between provenance and security in EHR.
  • On the EHR side of things, there is an ISO/TC 215 project for which they are updating the EHR Lifecycle definitions.
    • Per Kathleen, there are noted gaps between HL7, S&I Data Provenance and W3C. Kathleen will share these gaps with Diana in preparation for submission of ballot.
  • W3C is very rich, and has done a very good job of describing provenance.
  • Link to the W3C Prov map to HL7 v2, v3, CDA and FHIR Provenance Resource PPT -

Discussion on FHIR Consent Directive, Contract

  • Last week's DISCUSSION deferred to next FHIR DSTU Ballot.
  • NEXT STEPS: Need to state the intent (CBCC and Security) that FHIR Consent Policy/Trust Policy will not be balloted in October 2015, but planned for January 2016...this is a work in progress

2015 HL7 October Meeting, Atlanta, Georgia

Agenda items to be added

  • Security Architecture Framework (project status)
  • Demonstrations for implementations of Privacy on FHIR work - applications of HCS to a healthcare environment
  • New HIMSS self-run demo

Meeting adjourned at 1251 PDT