This wiki has undergone a migration to Confluence found Here
Difference between revisions of "June 21, 2016 Security Conference Call"
Jump to navigation
Jump to search
(5 intermediate revisions by 3 users not shown) | |||
Line 15: | Line 15: | ||
||||.|| [mailto:aaron.seib@2311.net Aaron Seib] | ||||.|| [mailto:aaron.seib@2311.net Aaron Seib] | ||
|- | |- | ||
− | || | + | || .|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair |
||||.|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards] | ||||.|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards] | ||
||||.|| [mailto:cbrown@socialcare.com Christopher D Brown] TX | ||||.|| [mailto:cbrown@socialcare.com Christopher D Brown] TX | ||
Line 22: | Line 22: | ||
|| .|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair | || .|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair | ||
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson] | ||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson] | ||
− | |||| | + | ||||.|| [mailto:dsilver@electrosoft-inc.com Dave Silver] |
|- | |- | ||
Line 31: | Line 31: | ||
|- | |- | ||
|| x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb] | || x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb] | ||
− | |||| | + | ||||x|| [mailto:robert.horn@agfa.com Rob Horn] |
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney] | ||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney] | ||
Line 40: | Line 40: | ||
|- | |- | ||
− | || | + | || .|| [mailto:rgrow@technatomy.com Rick Grow] |
||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||
− | |||| | + | ||||.|| [mailto:Mayada.Abdulmannan@va.gov Mayada Abdulmannan] |
|- | |- | ||
|| x|| [mailto:gfm@securityrs.com Glen Marshall], SRS | || x|| [mailto:gfm@securityrs.com Glen Marshall], SRS | ||
||||.|| [mailto:akleinebe@gmail.com Bill Kleinebecker ] | ||||.|| [mailto:akleinebe@gmail.com Bill Kleinebecker ] | ||
− | |||| | + | ||||.|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn] |
|- | |- | ||
|| .|| [mailto:oliver@lawless.co Oliver Lawless] | || .|| [mailto:oliver@lawless.co Oliver Lawless] | ||
− | |||| | + | ||||x|| [mailto:grahameg@gmail.com Grahame Grieve] |
||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ] | ||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ] | ||
|- | |- | ||
Line 68: | Line 68: | ||
# ''(2 min)'' '''Roll Call, Agenda Approval''' | # ''(2 min)'' '''Roll Call, Agenda Approval''' | ||
# ''(3 min)'' '''Approve [http://wiki.hl7.org/index.php?title=June_14,_2016_Security_Conference_Call#Minutes Security WG June 14, 2016 Minutes] | # ''(3 min)'' '''Approve [http://wiki.hl7.org/index.php?title=June_14,_2016_Security_Conference_Call#Minutes Security WG June 14, 2016 Minutes] | ||
− | # ''(3 min)'' '''Approve [http://wiki.hl7.org/index.php?title=May_31,_2016_Security_Conference_Call Security WG | + | # ''(3 min)'' '''Approve [http://wiki.hl7.org/index.php?title=May_31,_2016_Security_Conference_Call Security WG May 31, 2016 Minutes] |
# ''(10 min)'' '''Update on FHIR Test Scripts Discussion with Aegis''' - Update from John. Kathleen to report on FM/Payer Connectathon Track proposals to include these. | # ''(10 min)'' '''Update on FHIR Test Scripts Discussion with Aegis''' - Update from John. Kathleen to report on FM/Payer Connectathon Track proposals to include these. | ||
# ''(20 min)'' '''[http://gforge.hl7.org/gf/download/docmanfileversion/9274/14375/High%20Level%20Info%20Model%20v0%200%207%20JMD.vsd Update on the PSAF Security Policy model]''' - Mike | # ''(20 min)'' '''[http://gforge.hl7.org/gf/download/docmanfileversion/9274/14375/High%20Level%20Info%20Model%20v0%200%207%20JMD.vsd Update on the PSAF Security Policy model]''' - Mike | ||
Line 81: | Line 81: | ||
==Minutes== | ==Minutes== | ||
+ | ** Chaired by John | ||
+ | * Continued discussion from CBCC call on FHIR Consent. | ||
+ | ** See http://wiki.hl7.org/index.php?title=FHIR_Consent_-_Grahame%27s_model#signature | ||
+ | ** Conversation continues on the FHIR 'chat' tool at https://chat.fhir.org/#narrow/stream/implementers/topic/Consent | ||
+ | ** The base policy autherizes nothing, but can assemble exceptions to authorize data (John) | ||
+ | ** The Autherization is Opt in Opt out with restrictions or Opt out with Exceptions (Would be a permission) | ||
+ | ** The Base policy is the Null policy (John) | ||
+ | ** It is based on XAML |
Latest revision as of 18:57, 28 June 2016
Back to Security Work Group Main Page
Attendees
x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|
x | Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
X | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
. | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
. | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | . | Dave Silver | |||
x | Mike Davis | . | Ioana Singureanu | X | Mohammed Jafari | |||
x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
. | Rick Grow | . | Paul Knapp | . | Mayada Abdulmannan | |||
x | Glen Marshall, SRS | . | Bill Kleinebecker | . | Christopher Shawn | |||
. | Oliver Lawless | x | Grahame Grieve | . | Serafina Versaggi | |||
. | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
. | Christopher Doss | . | Kamalini Vaidya | . | [mailto: TBD ] |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (3 min) Approve Security WG June 14, 2016 Minutes
- (3 min) Approve Security WG May 31, 2016 Minutes
- (10 min) Update on FHIR Test Scripts Discussion with Aegis - Update from John. Kathleen to report on FM/Payer Connectathon Track proposals to include these.
- (20 min) Update on the PSAF Security Policy model - Mike
- (10 min) Standards Privacy Impact Assessment Cookbook - Rick
- (3 min) PASS Access Control Services Conceptual Model - Diana
- (3 min) PASS Audit Conceptual Model – Diana Kathleen asks whether review of audit in ISTPA and various Privacy Frameworks, FIPPs, EU Data Protection Regulation etc. such as [http://xml.coverpages.org/ISTPA-PrivacyManagementReferenceModelV20.pdf Privacy Management
Reference Model - A framework for resolving privacy policy requirements into operational privacy services and functions International Security, Trust & Privacy Alliance] and ISTPA Analysis of Privacy Principles: Making Privacy Operational have been added to landscape review.
- (2 min) Action Items, next call agenda, adjornment
Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda
Minutes
- Chaired by John
- Continued discussion from CBCC call on FHIR Consent.
- See http://wiki.hl7.org/index.php?title=FHIR_Consent_-_Grahame%27s_model#signature
- Conversation continues on the FHIR 'chat' tool at https://chat.fhir.org/#narrow/stream/implementers/topic/Consent
- The base policy autherizes nothing, but can assemble exceptions to authorize data (John)
- The Autherization is Opt in Opt out with restrictions or Opt out with Exceptions (Would be a permission)
- The Base policy is the Null policy (John)
- It is based on XAML