This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "December 01, 2015 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(4 intermediate revisions by 2 users not shown)
Line 7: Line 7:
 
||  x|| [mailto:mike.davis@va.gov Mike Davis]Security Co-chair  
 
||  x|| [mailto:mike.davis@va.gov Mike Davis]Security Co-chair  
 
||||||  [mailto:duane.decouteau@gmail.com Duane DeCouteau]
 
||||||  [mailto:duane.decouteau@gmail.com Duane DeCouteau]
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark]
+
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark]
 
|-
 
|-
|| || [mailto:john.moehrke@med.ge.com John Moehrke]Security Co-chair
+
|| ||   [mailto:john.moehrke@med.ge.com John Moehrke]Security Co-chair
 
||||||  [mailto:jc@securityrs.com Johnathan Coleman]
 
||||||  [mailto:jc@securityrs.com Johnathan Coleman]
||||.|| [mailto:aaron.seib@2311.net Aaron Seib]
+
||||.|| [mailto:aaron.seib@2311.net Aaron Seib]
 
|-
 
|-
|| x|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
+
|| x||   [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.||  [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
 
||||.||  [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
 
||||.||  [mailto:cbrown@socialcare.com Christopher D Brown] TX
 
||||.||  [mailto:cbrown@socialcare.com Christopher D Brown] TX
  
 
|-
 
|-
||.|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair
+
||.||   [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson]
+
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson]
|||| x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
+
|||| x||[mailto:dsilver@electrosoft-inc.com Dave Silver]
 
      
 
      
 
|-
 
|-
 
|| x||  [mailto:Kathleen_Connor@comcast.net Kathleen Connor]
 
|| x||  [mailto:Kathleen_Connor@comcast.net Kathleen Connor]
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
+
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
 
||||||  [mailto:mjafari@edmondsci.com Mohammed Jafari]
 
||||||  [mailto:mjafari@edmondsci.com Mohammed Jafari]
  
 
|-
 
|-
 
||x||  [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
 
||x||  [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
|||||| [mailto:mailto:robert.horn@agfa.com Rob Horn]  
+
|||||| [mailto:mailto:robert.horn@agfa.com Rob Horn]  
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
+
||||.||[mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
  
 
|-
 
|-
||  x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
+
||  x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
 
||||||  [mailto:Ken.Rubin@hp.com Ken Rubin]
 
||||||  [mailto:Ken.Rubin@hp.com Ken Rubin]
|||| x|| [mailto:bkinsley@nextgen.com William Kinsley]
+
|||| x|| [mailto:bkinsley@nextgen.com William Kinsley]
  
 
|-
 
|-
||  x|| [mailto:rgrow@technatomy.com Rick Grow]
+
||  x|| [mailto:rgrow@technatomy.com Rick Grow]
 
||||||  [mailto:pknapp@pknapp.com Paul Knapp]   
 
||||||  [mailto:pknapp@pknapp.com Paul Knapp]   
||||.|| [mailto:Debbie.Bucci@hhs.gov Debbie Bucci]
+
||||.|| [mailto:Debbie.Bucci@hhs.gov Debbie Bucci]
 
|-
 
|-
  
||  x|| [mailto:gfm@securityrs.com Glen Marshall], SRS
+
||  x|| [mailto:gfm@securityrs.com Glen Marshall], SRS
 
||||||  [mailto:akleinebe@gmail.com Bill Kleinebecker ]
 
||||||  [mailto:akleinebe@gmail.com Bill Kleinebecker ]
 
||||x|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn]
 
||||x|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn]
Line 51: Line 51:
 
||||||  [mailto:serafina.versaggi@gmail.com Serafina Versaggi ]
 
||||||  [mailto:serafina.versaggi@gmail.com Serafina Versaggi ]
 
|-
 
|-
|| x||  [mailto:Beth.Pumo@kp.org Beth Pumo]
+
|| x||  [mailto:Beth.Pumo@kp.org Beth Pumo]
 
||||||  [mailto:russell.mcdonell@c-cost.com Russell McDonell]
 
||||||  [mailto:russell.mcdonell@c-cost.com Russell McDonell]
 
||||||  [mailto:paul.petronelli@gmail.com Paul Petronelli ], Mobile Health
 
||||||  [mailto:paul.petronelli@gmail.com Paul Petronelli ], Mobile Health
Line 92: Line 92:
  
 
'''Approve meeting minutes for November 24'''
 
'''Approve meeting minutes for November 24'''
Objections: none, Abstentions: none, Meeting Minutes approved
 
  
'''Healthcare Access Control Catalog'''
+
Objections: none, Abstentions: none, Approval: 12
  
Ballot voting begins on Friday  
+
'''Healthcare Access Control Catalog''' - Update
 +
 
 +
* Ballot voting begins on Friday  
 
* Document completed for ballot
 
* Document completed for ballot
  
Joint vocabulary Update
+
'''Joint Vocabulary Alignment Update'''
*This AM looked at diagrams completed for vocabulary verbs
 
**Reviewed changes made
 
** revisiting verb: received
 
** the items looked at this AM are 80-90% complete
 
** other verbs are being diagrammed
 
* hoping by January 2016 meeting that 10 verbs will be completed (or mostly completed)
 
  
PASS Access Control Conceptula
+
* This AM looked at diagrams completed for vocabulary verbs
* ballot reconciliation - all of the comments have been reviewed, resolutions provided
+
** Reviewed changes made
 +
** Revisiting verb: "Received"
 +
** The items looked at this AM are 80-90% complete
 +
** Other verbs are being diagramed
 +
* Hoping by January 2016 meeting that 10 verbs will be completed (or mostly completed)
 +
 
 +
'''PASS Access Control Conceptual Model'''
 +
 
 +
* Ballot reconciliation - all of the comments have been reviewed, resolutions provided
 
* VA will be contacted to withdraw the negative vote
 
* VA will be contacted to withdraw the negative vote
* still need to contact Bernd
+
* Still need to contact Bernd
* need to contact DoD on adopting the VA comments, withdrawing/retracting their negative vote
+
* Need to contact DoD on adopting the VA comments, withdrawing/retracting their negative vote
* changes from the resolutsion will be added to the document
+
* Changes from the resolutions will be added to the document
 +
 
 +
'''January WGM 2016, Orlando, Florida'''
 +
 
 +
Agenda Item topics:
  
 +
* FHIR Connect-a-thon work (before the WGM)
  
FHIR Connect-ta-thon work (before the WGM)
+
''Monday'' - joint with CBCC
Monday - joint with CBCC  
+
* Update on the FHIR Connect-ta-thon
+
* Update on the FHIR Connect-a-thon
* Interest on the approach in privacy protection (Alex's student has written on this subject) - security risks on health
+
* Interest on the approach to privacy protection (Alex's student has written on this subject) - security risks to health
 
** Alex will contact student to possibly have student join call
 
** Alex will contact student to possibly have student join call
 
** a look beyond what we normally look at ''beyond healthcare''
 
** a look beyond what we normally look at ''beyond healthcare''
 
** ''privacy protective security protective mechanisms'' (Glen, Alex, Kathleen)
 
** ''privacy protective security protective mechanisms'' (Glen, Alex, Kathleen)
* Kantara - tokens
+
** Kantara - tokens
  
Tuesday
+
''Tuesday''
  
Wednesday Q2 - Scheduling in PASS Access Control ballot reconciliation  
+
* Tuesday Q3/Q4 - Access Control Catalog - ballot reconciliation; w/CBCC representative
  
Wednesday Q3 - Vocabulary Alignment w/EHR, CBCC representative, Security
+
''Wednesday''
Tuesday Q3/Q4 - Access Control Catalog - ballot reconciliation; w/CBCC representative
 
Wednesday Q4 - ballot reconciliation; S&P Access Control Catalog
 
  
time for:
+
* Q2 - Scheduling in PASS Access Control ballot reconciliation
 +
* Wednesday Q3 - Vocabulary Alignment w/EHR, CBCC representative, Security
 +
* Wednesday Q4 - ballot reconciliation; S&P Access Control Catalog
 +
 
 +
Also agenda time needed for:
 
# proposed audit standard for SOA (supported by Security), maybe WedQ2
 
# proposed audit standard for SOA (supported by Security), maybe WedQ2
 
# framework; FHIR provenance
 
# framework; FHIR provenance
 
#* approvals needed for proposals in changes
 
#* approvals needed for proposals in changes
 
#* provide an outline, work on during summer in prep for May 2016 ballot
 
#* provide an outline, work on during summer in prep for May 2016 ballot
#* note that VA folk will be not going to May/Canada meeting
+
#* note that VA folks will be not going to May/Canada meeting
  
 +
'''Audit Service diagram''' <<add link>>
  
Audit Service diagram <<add link>>
+
Detailed walkthrough provided by Dave Silver
  
 
Detailed walkthrough provided
 
 
Model was created such that it will render on a landscape page
 
Model was created such that it will render on a landscape page
  
based on the open group mode of audit server which reflect other standards (typing back to ISO standards)
+
Based on The Open Group mode of audit service which reflects other standards (tracing back to ISO standards)
 
# Audit event - something has happened somewhere (OS, processes, hardwired to  
 
# Audit event - something has happened somewhere (OS, processes, hardwired to  
## creating an AuditEvent, which pulls together configured raw data
+
## creating an AuditEvent which pulls together configured raw data
ultimately an audit record is created (which we want to keep)
+
## ultimately an audit record is created (which we want to keep)
Audit record...
+
 
 +
Email Dave Silver (dsilver@electrosoft-inc.com) with any questions on the model.
 +
 
 +
''Meeting Adjourned at 1400 MST''  --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 16:04, 1 December 2015 (EST)

Latest revision as of 15:43, 8 December 2015

Attendees

x Member Name x Member Name x Member Name
x Mike DavisSecurity Co-chair Duane DeCouteau . Chris Clark
John MoehrkeSecurity Co-chair Johnathan Coleman . Aaron Seib
x Alexander Mense Security Co-chair . Ken Salyards . Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson x Dave Silver
x Kathleen Connor . Ioana Singureanu Mohammed Jafari
x Suzanne Gonzales-Webb Rob Horn . Galen Mulrooney
x Diana Proud-Madruga Ken Rubin x William Kinsley
x Rick Grow Paul Knapp . Debbie Bucci
x Glen Marshall, SRS Bill Kleinebecker x Christopher Shawn
Oliver Lawless Rob Horn Serafina Versaggi
x Beth Pumo Russell McDonell Paul Petronelli , Mobile Health
Christopher Doss x Kamalini Vaidya [mailto: ]

Back to Security Main Page

Agenda DRAFT

  1. ( 5 min) Roll Call, Agenda Approval
  2. ( 5 min) Approve November 24 Meeting Minutes
  3. ( 5 min) Healthcare Security and Privacy Access Control Catalog Update - Rick, Suzanne
  4. ( 5 min) Joint Vocabulary Alignment Update - Diana
  5. ( min) FHIR Security report out - John
  6. ( 5 min) PASS Access Control Conceptual Model (SOA) ballot reconciliation Update - Diana, Don, Mike, Dave
  7. (10 min) Upcoming January WGM 2016 - Orlando, Florida - AGENDA ITEMS
  8. Update Preview of Audit Functional Model - Dave
  • in future to update the PASS Audit


**New** 
FHIR Security Topics  in support of FHIM
Meeting Information:  Tuesdays 2:00PM PT/5:00PM ET
Phone: +1 770-657-9270, Participant Code: 994563 hosted by Security
Web meeting Info:   https://global.gotomeeting.com/join/520841173  
Discussion includes: Security - Audit, Provenance, Labels, Signature

**New** 
Wednesday Consent on FHIR Topics ' 3:00PM PT/6:00 PM ET hosted by CBCC
GoToMeeting information: https://global.gotomeeting.com/join/520841173 
Phone: +1 770-657-9270, Participant Code: 994563

Meeting Minutes (DRAFT)

Approve meeting minutes for November 24

Objections: none, Abstentions: none, Approval: 12

Healthcare Access Control Catalog - Update

  • Ballot voting begins on Friday
  • Document completed for ballot

Joint Vocabulary Alignment Update

  • This AM looked at diagrams completed for vocabulary verbs
    • Reviewed changes made
    • Revisiting verb: "Received"
    • The items looked at this AM are 80-90% complete
    • Other verbs are being diagramed
  • Hoping by January 2016 meeting that 10 verbs will be completed (or mostly completed)

PASS Access Control Conceptual Model

  • Ballot reconciliation - all of the comments have been reviewed, resolutions provided
  • VA will be contacted to withdraw the negative vote
  • Still need to contact Bernd
  • Need to contact DoD on adopting the VA comments, withdrawing/retracting their negative vote
  • Changes from the resolutions will be added to the document

January WGM 2016, Orlando, Florida

Agenda Item topics:

  • FHIR Connect-a-thon work (before the WGM)

Monday - joint with CBCC

  • Update on the FHIR Connect-a-thon
  • Interest on the approach to privacy protection (Alex's student has written on this subject) - security risks to health
    • Alex will contact student to possibly have student join call
    • a look beyond what we normally look at beyond healthcare
    • privacy protective security protective mechanisms (Glen, Alex, Kathleen)
    • Kantara - tokens

Tuesday

  • Tuesday Q3/Q4 - Access Control Catalog - ballot reconciliation; w/CBCC representative

Wednesday

  • Q2 - Scheduling in PASS Access Control ballot reconciliation
  • Wednesday Q3 - Vocabulary Alignment w/EHR, CBCC representative, Security
  • Wednesday Q4 - ballot reconciliation; S&P Access Control Catalog

Also agenda time needed for:

  1. proposed audit standard for SOA (supported by Security), maybe WedQ2
  2. framework; FHIR provenance
    • approvals needed for proposals in changes
    • provide an outline, work on during summer in prep for May 2016 ballot
    • note that VA folks will be not going to May/Canada meeting

Audit Service diagram <<add link>>

Detailed walkthrough provided by Dave Silver

Model was created such that it will render on a landscape page

Based on The Open Group mode of audit service which reflects other standards (tracing back to ISO standards)

  1. Audit event - something has happened somewhere (OS, processes, hardwired to
    1. creating an AuditEvent which pulls together configured raw data
    2. ultimately an audit record is created (which we want to keep)

Email Dave Silver (dsilver@electrosoft-inc.com) with any questions on the model.

Meeting Adjourned at 1400 MST --Suzannegw (talk) 16:04, 1 December 2015 (EST)

Retrieved from "https://wiki.hl7.org/w/index.php?title=December_01,_2015_Security_Conference_Call&oldid=109589"