This wiki has undergone a migration to Confluence found Here
Difference between revisions of "November 10, 2015 Security Conference Call"
Jump to navigation
Jump to search
| (5 intermediate revisions by 2 users not shown) | |||
| Line 13: | Line 13: | ||
||||.|| [mailto:aaron.seib@2311.net Aaron Seib] | ||||.|| [mailto:aaron.seib@2311.net Aaron Seib] | ||
|- | |- | ||
| − | |||| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair | + | ||x|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair |
||||.|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards] | ||||.|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards] | ||
|||||| [mailto:cbrown@socialcare.com Christopher D Brown] TX | |||||| [mailto:cbrown@socialcare.com Christopher D Brown] TX | ||
| Line 71: | Line 71: | ||
# ''( 5 min)'' '''Healthcare Security and Privacy Access Control Catalog''' Update | # ''( 5 min)'' '''Healthcare Security and Privacy Access Control Catalog''' Update | ||
#* PSS forwarded to FTSD for review/approval | #* PSS forwarded to FTSD for review/approval | ||
| − | # '''( 5 min)'' SOA Cloud Planning Guide''' - | + | # '''( 5 min)'' SOA Cloud Planning Guide''' - Diana |
| − | # Status SP Privacy Engineering Framework participation as SMEs - Mike | + | # '''Status SP Privacy Engineering Framework participation as SMEs''' - Mike |
# ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana | # ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana | ||
# ''( min)'' '''FHIR Security '''report out - John | # ''( min)'' '''FHIR Security '''report out - John | ||
| − | # ''( | + | # ''(35 min)'' '''PASS Access Control Conceptual Model (SOA) ballot reconciliation''' Update - Diana, Don Jorgenson, Mike, Dave |
| + | |||
| + | ==Meeting Minutes (DRAFT)== | ||
| + | |||
| + | '''Meeting Minutes approval''' | ||
| + | |||
| + | The minutes from the November 3, 2015 meeting were unanimously approved. | ||
| + | |||
| + | '''SOA Planning Guide''' | ||
| + | |||
| + | New SOA project, PSS submitted | ||
| + | * Main deliverable is a white paper | ||
| + | ** an informative document as to how HL7 standards should be applied as organizations migrate their information to the Cloud | ||
| + | ** information can be found in the PSS | ||
| + | ** there is a security section, addressing security and privacy considerations associated with cloud (blueprints) | ||
| + | * Does Security want to be involved? A co-sponsor, interested party or do we care? | ||
| + | ** Cloud security depends on the cloud service provider | ||
| + | ** this is an item being worked on by NIST | ||
| + | ** Mike believes that this is immature and will most likely be a part of the infrastructure. Does not see that we have a huge role here. | ||
| + | |||
| + | * Are there any objections for us being listed as an interested party? | ||
| + | ** None heard | ||
| + | |||
| + | '''SP Privacy Engineering Framework participation as SMEs''' | ||
| + | |||
| + | * A work item proposal out of ISO/SC 27 (ANSI INCITS) | ||
| + | * Mike will give document to Suzanne for posting | ||
| + | |||
| + | '''FHIR Security''' | ||
| + | |||
| + | Meeting later this afternoon. Please join. | ||
| + | |||
| + | '''Joint Vocabulary Alignment Update''' | ||
| + | |||
| + | See CBCC update. | ||
| + | |||
| + | '''PASS Access Control Ballot Reconciliation''' | ||
| + | |||
| + | * Rows 53-91 | ||
| + | * Motion made to accept the comment dispositions (Rows 53-91; ''comment #50-88'') as presented (Mike/Suzanne) | ||
| + | |||
| + | '''Objections: none, Abstentions: none, in favor: 9''' | ||
| + | |||
| + | Ballot Reconciliation (cont.) | ||
| + | |||
| + | starting with Row 91 (comments 89-99) | ||
| + | |||
| + | '''Objections: none, Abstentions: none, in favor: 9''' | ||
| + | |||
| + | ''Meeting adjourned at 1257 PDT'' | ||
Latest revision as of 18:56, 17 November 2015
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Mike DavisSecurity Co-chair | Duane DeCouteau | . | Chris Clark | ||||
| x | John MoehrkeSecurity Co-chair | Johnathan Coleman | . | Aaron Seib | ||||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | Christopher D Brown TX | ||||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Dave Silver | |||
| Kathleen Connor | . | Ioana Singureanu | Mohammed Jafari | |||||
| x | Suzanne Gonzales-Webb | Rob Horn | . | Galen Mulrooney | ||||
| x | Diana Proud-Madruga | Ken Rubin | William Kinsley | |||||
| x | Rick Grow | Paul Knapp | . | Debbie Bucci | ||||
| x | Glen Marshall, SRS | Bill Kleinebecker | Chris Shawn | |||||
| Oliver Lawless | Rob Horn | Serafina Versaggi | ||||||
| Beth Pumo | Russell McDonell | Paul Petronelli , Mobile Health | ||||||
| x | Christopher Doss | x | Christopher Shawn | [mailto: ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve November 03 Meeting Minutes
- (15 min) mHealth WG - FHIRFrame Project Security Requirements PSS to be displayed)-- Paul Petronelli, Christopher Doss
- ( 5 min) Healthcare Security and Privacy Access Control Catalog Update
- PSS forwarded to FTSD for review/approval
- ( 5 min) SOA Cloud Planning Guide - Diana
- Status SP Privacy Engineering Framework participation as SMEs - Mike
- ( 5 min) Joint Vocabulary Alignment Update - Diana
- ( min) FHIR Security report out - John
- (35 min) PASS Access Control Conceptual Model (SOA) ballot reconciliation Update - Diana, Don Jorgenson, Mike, Dave
Meeting Minutes (DRAFT)
Meeting Minutes approval
The minutes from the November 3, 2015 meeting were unanimously approved.
SOA Planning Guide
New SOA project, PSS submitted
- Main deliverable is a white paper
- an informative document as to how HL7 standards should be applied as organizations migrate their information to the Cloud
- information can be found in the PSS
- there is a security section, addressing security and privacy considerations associated with cloud (blueprints)
- Does Security want to be involved? A co-sponsor, interested party or do we care?
- Cloud security depends on the cloud service provider
- this is an item being worked on by NIST
- Mike believes that this is immature and will most likely be a part of the infrastructure. Does not see that we have a huge role here.
- Are there any objections for us being listed as an interested party?
- None heard
SP Privacy Engineering Framework participation as SMEs
- A work item proposal out of ISO/SC 27 (ANSI INCITS)
- Mike will give document to Suzanne for posting
FHIR Security
Meeting later this afternoon. Please join.
Joint Vocabulary Alignment Update
See CBCC update.
PASS Access Control Ballot Reconciliation
- Rows 53-91
- Motion made to accept the comment dispositions (Rows 53-91; comment #50-88) as presented (Mike/Suzanne)
Objections: none, Abstentions: none, in favor: 9
Ballot Reconciliation (cont.)
starting with Row 91 (comments 89-99)
Objections: none, Abstentions: none, in favor: 9
Meeting adjourned at 1257 PDT
