This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "February 09, 2016"

From HL7Wiki
Jump to navigation Jump to search
(Created page with "Back to Security Work Group Main Page ==Attendees== {| class="wikitable" |- !x||'''Member Name'''|| !! x ||'''Member Name''' !!|| x ||'''Member Name''' !! |- ...")
 
 
(13 intermediate revisions by 4 users not shown)
Line 7: Line 7:
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!
 
|-
 
|-
||x|| [mailto:mike.davis@va.gov Mike Davis]Security Co-chair  
+
|| x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair  
|||||| [mailto:duane.decouteau@gmail.com Duane DeCouteau]
+
||||x|| [mailto:duane.decouteau@gmail.com Duane DeCouteau]
 
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark]
 
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark]
 
|-
 
|-
|| x||   [mailto:john.moehrke@med.ge.com John Moehrke]Security Co-chair
+
|| x|| [mailto:john.moehrke@med.ge.com John Moehrke]Security Co-chair
|||||| [mailto:jc@securityrs.com Johnathan Coleman]
+
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
 
||||.|| [mailto:aaron.seib@2311.net Aaron Seib]
 
||||.|| [mailto:aaron.seib@2311.net Aaron Seib]
 
|-
 
|-
|| x||   [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
+
|| .|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
||||.|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
+
||||.|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
||||.|| [mailto:cbrown@socialcare.com Christopher D Brown] TX
+
||||.|| [mailto:cbrown@socialcare.com Christopher D Brown] TX
  
 
|-
 
|-
||.||   [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair
+
|| .|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair
 
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson]
 
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson]
||||x||[mailto:dsilver@electrosoft-inc.com Dave Silver]
+
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
      
 
      
 
|-
 
|-
|| x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]
+
|| x|| [mailto:mike.davis@va.gov Mike Davis]
 
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
 
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
||||x|| [mailto:mjafari@edmondsci.com Mohammed Jafari]
+
|||||| [mailto:mjafari@edmondsci.com Mohammed Jafari]
  
 
|-
 
|-
||x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
+
|| x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
 
||||x|| [mailto:mailto:robert.horn@agfa.com Rob Horn]  
 
||||x|| [mailto:mailto:robert.horn@agfa.com Rob Horn]  
||||.||[mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
+
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
  
 
|-
 
|-
 
||  x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
 
||  x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
|||||| [mailto:Ken.Rubin@hp.com Ken Rubin]
+
||||.|| [mailto:Ken.Rubin@hp.com Ken Rubin]
|||| || [mailto:bkinsley@nextgen.com William Kinsley]
+
||||.|| [mailto:bkinsley@nextgen.com William Kinsley]
  
 
|-
 
|-
 
||  x|| [mailto:rgrow@technatomy.com Rick Grow]
 
||  x|| [mailto:rgrow@technatomy.com Rick Grow]
|||||| [mailto:pknapp@pknapp.com Paul Knapp]   
+
||||.|| [mailto:pknapp@pknapp.com Paul Knapp]   
 
||||.|| [mailto:Debbie.Bucci@hhs.gov Debbie Bucci]
 
||||.|| [mailto:Debbie.Bucci@hhs.gov Debbie Bucci]
 
|-
 
|-
  
 
||  x|| [mailto:gfm@securityrs.com Glen Marshall], SRS
 
||  x|| [mailto:gfm@securityrs.com Glen Marshall], SRS
|||||| [mailto:akleinebe@gmail.com Bill Kleinebecker ]
+
||||.|| [mailto:akleinebe@gmail.com Bill Kleinebecker ]
|||x||| [mailto:Christopher.Shawn2@va.gov Christopher Shawn]
+
||||x|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn]
 
|-
 
|-
||  || [mailto:oliver@lawless.co Oliver Lawless]
+
||  .|| [mailto:oliver@lawless.co Oliver Lawless]
||||||  [mailto:robert.horn@agfa.com Rob Horn]
+
||||.||  [
|||||| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ]
+
||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ]
 
|-
 
|-
|| || [mailto:Beth.Pumo@kp.org Beth Pumo]
+
|| .|| [mailto:Beth.Pumo@kp.org Beth Pumo]
|||||| [mailto:russell.mcdonell@c-cost.com Russell McDonell]
+
||||.|| [mailto:russell.mcdonell@c-cost.com Russell McDonell]
|||||| [mailto:paul.petronelli@gmail.com Paul Petronelli ], Mobile Health
+
||||.|| [mailto:paul.petronelli@gmail.com Paul Petronelli ], Mobile Health
 
|-
 
|-
||  || [mailto:cdoss@ncat.edu Christopher Doss]
+
||  .|| [mailto:cdoss@ncat.edu Christopher Doss]
 
||||x|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya]
 
||||x|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya]
||||x|| [mailto:Stephanie Dyke ]
+
||||.|| [mailto: Stephanie Dyke ]
 
|-
 
|-
  
Line 68: Line 68:
 
==Agenda '''DRAFT'''==
 
==Agenda '''DRAFT'''==
 
# ''( 5 min)'' '''Roll Call, Agenda Approval'''
 
# ''( 5 min)'' '''Roll Call, Agenda Approval'''
# ''( 5 min)'' '''Approve [http://wiki.hl7.org/index.php?title=January_26,_2016_Security_Conference_Call January 26, 2016 Security WG Conference Call Minutes]
+
# ''( 5 min)'' '''Approve [http://wiki.hl7.org/index.php?title=February_02,_2016_Security_Conference_Call February 2, 2016 Security WG Conference Call Minutes]
# ''( 30 min)'' March 2016 Security WG Initial Harmonization Proposals
+
# ''( 30 min)'' '''March 2016 Security WG Initial Harmonization Proposals'''
 +
#*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Change%20ActConsentDirective,%20ActConsentType%20vocab_20160207190712.doc Changes to SecurityCategoryObservationValue consent directive codes]
 +
#*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Add%20ActUSPrivacyLaw%20to%20v-SECCATOBV_20160207190846.doc Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue]
 +
#*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_New%20Obligation%20codes_20160207190923.doc New Obligation Codes]
 +
#*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Augment%20ProvenanctEvent%20vocabulary_20160207220959.doc Augment ProvenanceEvent Vocabulary]
 
# ''( 5 min)'' ''' Privacy and Security by Design PSS discussion'''
 
# ''( 5 min)'' ''' Privacy and Security by Design PSS discussion'''
 
# ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana
 
# ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana
Line 78: Line 82:
  
 
==Minutes==
 
==Minutes==
 +
* Approval of Agenda unanimous
 +
* Approval of [http://wiki.hl7.org/index.php?title=February_02,_2016_Security_Conference_Call February 2, 2016 Security WG Conference Call Minutes] unanimous
 +
*Review [http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Change%20ActConsentDirective,%20ActConsentType%20vocab_20160207190712.doc Changes to SecurityCategoryObservationValue consent directive codes]
 +
** discussion didn't come to an agreement.
 +
** Concern about Germany use case
 +
** defer approval until people can review
 +
*Review [http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Add%20ActUSPrivacyLaw%20to%20v-SECCATOBV_20160207190846.doc Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue]
 +
** bring forward codes that are specific in the USA
 +
*Review [http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_New%20Obligation%20codes_20160207190923.doc New Obligation Codes]
 +
** discussion that it is not clear how these obligations are intended to be used. The use case of sending these kinds of instructions is not clear. The definitions of the obligations given are not consistent with the discussion.
 +
** Kathleen will provide an updated copy for review
 +
* Review [http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Augment%20ProvenanctEvent%20vocabulary_20160207220959.doc Augment ProvenanceEvent Vocabulary]
 +
** discussion of provenance event codes
 +
** Need offline review
 +
* Need offline review of these for approval next week
 +
* John can't make the FHIR Security call -- will cancel
 +
* EHR Joint Vocabulary Alignment meeting was canceled
 +
** Mike did submit new diagrams
 +
* PASS Access Control Conceptual Model
 +
** Response received from Bernd. Need to discuss Bernd's clarification and propose/vote on a resolution at the next Security meeting.

Latest revision as of 18:31, 16 February 2016

Back to Security Work Group Main Page

Attendees

x Member Name x Member Name x Member Name
x Kathleen ConnorSecurity Co-chair x Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
. Alexander Mense Security Co-chair . Ken Salyards . Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson x Dave Silver
x Mike Davis . Ioana Singureanu Mohammed Jafari
x Suzanne Gonzales-Webb x Rob Horn . Galen Mulrooney
x Diana Proud-Madruga . Ken Rubin . William Kinsley
x Rick Grow . Paul Knapp . Debbie Bucci
x Glen Marshall, SRS . Bill Kleinebecker x Christopher Shawn
. Oliver Lawless . [ . Serafina Versaggi
. Beth Pumo . Russell McDonell . Paul Petronelli , Mobile Health
. Christopher Doss x Kamalini Vaidya . [mailto: Stephanie Dyke ]

Back to Security Main Page

Agenda DRAFT

  1. ( 5 min) Roll Call, Agenda Approval
  2. ( 5 min) Approve February 2, 2016 Security WG Conference Call Minutes
  3. ( 30 min) March 2016 Security WG Initial Harmonization Proposals
  4. ( 5 min) Privacy and Security by Design PSS discussion
  5. ( 5 min) Joint Vocabulary Alignment Update - Diana
  6. ( 5 min) FHIR Security report out - John / not covered
  7. ( 5 min) PASS Audit Conceptual Model – Diana

Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda

Minutes

  • Approval of Agenda unanimous
  • Approval of February 2, 2016 Security WG Conference Call Minutes unanimous
  • Review Changes to SecurityCategoryObservationValue consent directive codes
    • discussion didn't come to an agreement.
    • Concern about Germany use case
    • defer approval until people can review
  • Review Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue
    • bring forward codes that are specific in the USA
  • Review New Obligation Codes
    • discussion that it is not clear how these obligations are intended to be used. The use case of sending these kinds of instructions is not clear. The definitions of the obligations given are not consistent with the discussion.
    • Kathleen will provide an updated copy for review
  • Review Augment ProvenanceEvent Vocabulary
    • discussion of provenance event codes
    • Need offline review
  • Need offline review of these for approval next week
  • John can't make the FHIR Security call -- will cancel
  • EHR Joint Vocabulary Alignment meeting was canceled
    • Mike did submit new diagrams
  • PASS Access Control Conceptual Model
    • Response received from Bernd. Need to discuss Bernd's clarification and propose/vote on a resolution at the next Security meeting.