This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

March 11, 2014 Security WG Conference Call

From HL7Wiki
Jump to navigation Jump to search

Back to Security Main Page


Member Name Present Member Name Present Member Name Present
Mike Davis Security Co-chair x John Moehrke Security Co-chair . Trish Williams Security Co-chair
Bernd Blobel, Security Co-chair . Johnathan Coleman x Kathleen Connor x
Duane DeCouteau . Reed Gelzer . Suzanne Gonzales-Webb CBCC Co-chair x
Rick Grow x David Henkel x Mohammed Jafari .
Don Jorgenson . Diana Proud-Madruga x Harry Rhodes .
Ioana Singureanu . Richard Thoreson CBCC Co-chair . Ross Freeman .
Amanda Nash x Walter Suarez . Tony Weida x
. . .
. . .

Back to Security Main Page


  1. (05 min) Roll Call, Approve Minutes & Accept Agenda
  2. (20 min) Security and Privacy Ontology / Mind Map - Diana/Tony
  3. (10 min) EHR MU 2015 Voluntary requirements – HL7 Policy response - Kathleen
  4. (10 min) July Harmonization – Trust - Kathleen
  5. (05 min) Other business, action items

Meeting Minutes DRAFT

Meeting Minutes Approved for 3/4/2013, Agenda accepted (Suzanne/Johnathan)

Security and Privacy Ontology / Mind Map Specifically looking at the class operation, sub-ontology (CRUDEA_OperationOntology operations

  • looking at separating them into different levels (at current they are at the same level)
    • recommend update replace definition to one that does not contain 'replace' in the definition
      • I.e. substitute **will need to update the RBAC documentation
    • If we have a hierarchical system, how is that reflected in the mind-map

In order to present a hierarchy, we need to have a group of items (words) that might fall under the same category

Tony has suggested that we can write a script--where we can automatically create the mind map from OWL. I think it’s something we should consider. Is this something that the group wants? One thing that we keep in mind is that developing the definitions of the operations will agree with the hierarchy that we've created since different people have different views, etc. on the definition. Definitions should be in parallel.

(Mike) So, you’ve got a lot of other stuff in here that kind of clutters this up, like the annotations and descriptions. I was wondering if the mind map has the capability of putting a text scroll as an object. Putting the description in here is confusing because you have to know that the description and then the words underneath it are not the same thing. It seemed like the description would be more likely a text scroll box inside of the parent. This is still fairly complicated. I’d like to get to the point where, if you have a list of words, we can look at them and manipulate them in the simplest possible way. We’re proposing to the working group a means of specifically dealing with this operational vocabulary. It’s nice to actually be able to see the discussion like this, but then we would have to have the ability to have children in a chain coming off of that. Everything’s at the same level, which may be appropriate if they’re orthogonal to each other and there’s no specific relationship. I think if we took just this list of operations and then go down the list, start to manipulate it. The alternative to doing this is to work in Excel, which has not worked well in the past. I think we just need to have you to try it yourself, and then pick on Tony to try once again with a proposed draft that we can all beat to death.

Meaningful Use Criteria

Link to Kathleen's post:

The policy committee would like us to provide comment. Security note High points:

  • Transmit-applicability statement for secure health transport and delivery notification direct. Enable health information to be electronically transmitted in accordance with the standard specified.

The first item we should talk about is the 2015 Meaningful Use criteria. I got recommended comments back on this from HL7. A couple of highlights I want to point out to you: the big changes that I saw included a notification capability for Direct. There is a delivery notification that has expired.

I guess one of the key differences between 2014 and 2015 is the opportunity to update the base standards.

Within the table, there are two columns, one labeled: “2013 updated” and the other labeled: “2015”. I excerpted the download transmit card, and the big change here was a change in language regarding EHR technology. They’ve changed the phrasing.

Between now and next week, if people have a chance to decide if they have any heartburn with the notification, they should get back to me on it.

EHR Tech A <--edge--> HISP A <--> HISP B <--edge--> EHR Tech B


Question to Johnathan: Regarding presentation given on 3/10/2014 Did group record and transcribe the conversations around the conversation--- Yes, it will be available on (recording will also be available)

July Harmonization – Trust

HCS vocabulary with the NIST labels. We have classification labels, category labels, and field labels. This one is where the trust labels would be found. I created this tree and put it into subclasses in the vocabulary. I’ve been focusing on trust mechanisms for the most part. There’s an assurance level with definitions, authentication with level of assurance.

Other business, action items Question to Johnathan: Did anyone from your group record and transcribe the conversation around your presentation? Johnathan Yes, it will be available on the Internet. There will be a follow-up on this discussion. Mike A lot of these questions come up over and over again. The reason I’m looking for a transcript is so that maybe we can discuss these things and come up with a common response.

Meeting adjourned at 1502 PST --Suzannegw (talk) 22:13, 11 March 2014 (UTC)