This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 10, 2015 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 13: Line 13:
 
||||.||  [mailto:aaron.seib@2311.net Aaron Seib]
 
||||.||  [mailto:aaron.seib@2311.net Aaron Seib]
 
|-
 
|-
|||| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
+
||x|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.||  [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
 
||||.||  [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
 
||||||  [mailto:cbrown@socialcare.com Christopher D Brown] TX
 
||||||  [mailto:cbrown@socialcare.com Christopher D Brown] TX
Line 72: Line 72:
 
#* PSS forwarded to FTSD for review/approval
 
#* PSS forwarded to FTSD for review/approval
 
# '''( 5 min)'' SOA Cloud Planning Guide''' - Diana
 
# '''( 5 min)'' SOA Cloud Planning Guide''' - Diana
# Status SP Privacy Engineering Framework participation as SMEs - Mike  
+
# '''Status SP Privacy Engineering Framework participation as SMEs''' - Mike  
 
# ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana
 
# ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana
 
# ''(  min)'' '''FHIR Security '''report out  - John
 
# ''(  min)'' '''FHIR Security '''report out  - John
# ''(30 min)'' '''PASS Access Control Conceptual Model (SOA) ballot reconciliation''' Update - Diana, Don Jorgenson, Mike, Dave
+
# ''(35 min)'' '''PASS Access Control Conceptual Model (SOA) ballot reconciliation''' Update - Diana, Don Jorgenson, Mike, Dave
  
 
==Meeting Minutes (DRAFT)==
 
==Meeting Minutes (DRAFT)==
Line 88: Line 88:
 
** information can be found in the PSS
 
** information can be found in the PSS
 
** there is a security section, addressing security and privacy consideration associated with cloud (blueprints)
 
** there is a security section, addressing security and privacy consideration associated with cloud (blueprints)
* Does security want to be involved? as co-sponsor, interested party or do we care
+
* Does security want to be involved? as co-sponsor, interested party or do we care?
**
+
** Cloud security depends on the clouds service provider
 +
** this is an item being worked on by NIST
 +
** Mike believes that this is immature and will most likely be a part of the infrastructure.  Does not see that we have a huge role here
 +
 
 +
Are there any objections for us being listed as an interested party?
 +
None heard
 +
 
 +
'''SP Privacy Engineering Framework participation as SMEs'''
 +
* A work item proposal out of SC27
 +
* Mike will give document to Suzanne for posting
 +
 
 +
'''FHIR Security'''
 +
Meeting later this afternoon, please join
 +
 
 +
'''Joint Vocabulary Alignment Update'''
 +
see CBCC update
 +
 
 +
'''PASS Access Control Ballot Reconciliation'''
 +
Row 53-91
 +
Motion made to accept the comment dispositions (comment #50-88) as presented
 +
(Mike/Suzanne)
 +
Objections: none, Abstentions: none, in favor: 9
 +
PASS Access Control

Revision as of 20:33, 10 November 2015

Attendees

x Member Name x Member Name x Member Name
x Mike DavisSecurity Co-chair Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair Johnathan Coleman . Aaron Seib
x Alexander Mense Security Co-chair . Ken Salyards Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson x Dave Silver
Kathleen Connor . Ioana Singureanu Mohammed Jafari
x Suzanne Gonzales-Webb Rob Horn . Galen Mulrooney
x Diana Proud-Madruga Ken Rubin William Kinsley
x Rick Grow Paul Knapp . Debbie Bucci
x Glen Marshall, SRS Bill Kleinebecker Chris Shawn
Oliver Lawless Rob Horn Serafina Versaggi
Beth Pumo Russell McDonell Paul Petronelli , Mobile Health
x Christopher Doss x Christopher Shawn [mailto: ]

Back to Security Main Page

Agenda DRAFT

  1. ( 5 min) Roll Call, Agenda Approval
  2. ( 5 min) Approve November 03 Meeting Minutes
  3. (15 min) mHealth WG - FHIRFrame Project Security Requirements PSS to be displayed)-- Paul Petronelli, Christopher Doss
  4. ( 5 min) Healthcare Security and Privacy Access Control Catalog Update
    • PSS forwarded to FTSD for review/approval
  5. ( 5 min) SOA Cloud Planning Guide - Diana
  6. Status SP Privacy Engineering Framework participation as SMEs - Mike
  7. ( 5 min) Joint Vocabulary Alignment Update - Diana
  8. ( min) FHIR Security report out - John
  9. (35 min) PASS Access Control Conceptual Model (SOA) ballot reconciliation Update - Diana, Don Jorgenson, Mike, Dave

Meeting Minutes (DRAFT)

Meeting MInutes approval


'SOA Planning Guide; New SOA Main deliverable is a white paper

    • an information document as to how HL7 standards should be applied as organizations migrate their information to the Cloud
    • information can be found in the PSS
    • there is a security section, addressing security and privacy consideration associated with cloud (blueprints)
  • Does security want to be involved? as co-sponsor, interested party or do we care?
    • Cloud security depends on the clouds service provider
    • this is an item being worked on by NIST
    • Mike believes that this is immature and will most likely be a part of the infrastructure. Does not see that we have a huge role here

Are there any objections for us being listed as an interested party? None heard

SP Privacy Engineering Framework participation as SMEs

  • A work item proposal out of SC27
  • Mike will give document to Suzanne for posting

FHIR Security Meeting later this afternoon, please join

Joint Vocabulary Alignment Update see CBCC update

PASS Access Control Ballot Reconciliation Row 53-91 Motion made to accept the comment dispositions (comment #50-88) as presented (Mike/Suzanne) Objections: none, Abstentions: none, in favor: 9 PASS Access Control