This wiki has undergone a migration to Confluence found Here
Difference between revisions of "HL7 FHIR Security 2016-7-12"
Jump to navigation
Jump to search
JohnMoehrke (talk | contribs) (Created page with "==Call Logistics== Weekly: '''Tuesday at 05:00 EST''' (2 PM PST) Conference Audio: '''770-657-9270,''' Access: '''845692'' '''Join online meeting: https://meet.RTC.VA.GOV/su...") |
JohnMoehrke (talk | contribs) (→Agenda) |
||
| Line 49: | Line 49: | ||
* approval of agenda | * approval of agenda | ||
* approval of the [http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2016-6-28 June 28, 2016 minutes] | * approval of the [http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2016-6-28 June 28, 2016 minutes] | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
* Update on action items | * Update on action items | ||
| − | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id= | + | *3318 -- assigned to Rick to work with Mike -- following the discussion in the CP |
| − | + | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=3318 3318] Clarify how to use RBAC and ABAC using FHIR () | |
| − | |||
*9564 -- assigned to John -- following the discussion in the CP | *9564 -- assigned to John -- following the discussion in the CP | ||
**[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9564 9564] Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? () | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9564 9564] Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? () | ||
*7568 -- assigned to Kathleen, seems this should be satisfid by 9840? -- following the discussion in the CP | *7568 -- assigned to Kathleen, seems this should be satisfid by 9840? -- following the discussion in the CP | ||
**[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7568 7568] 2015May core #859 - How are agent and activity linked? () | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7568 7568] 2015May core #859 - How are agent and activity linked? () | ||
| − | |||
| − | |||
*9042, 9043, 9052 -- assigned to Kathleen, she has the XML almost ready to go | *9042, 9043, 9052 -- assigned to Kathleen, she has the XML almost ready to go | ||
**[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9042 9042] Add RBAC as value set for AuditEvent.participant.role () | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9042 9042] Add RBAC as value set for AuditEvent.participant.role () | ||
| Line 78: | Line 69: | ||
* Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join) | * Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join) | ||
**[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=6303 6303] Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=6303 6303] Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None | ||
| + | * How should 'test-data' be identified? Is this a legitimate use of security-tags? | ||
| + | ** It is clear that security-tags already support de-identified methods. The question is specifically about completely fabricated data. | ||
| + | ** See FHIR chat thread https://chat.fhir.org/#narrow/stream/implementers/topic/Distinguishing.20test.20patients | ||
| + | * De-Identification topics | ||
| + | ** mobile health workgroup http://lists.hl7.org/read/messages?id=297060 | ||
| + | ** FHIR chat https://chat.fhir.org/#narrow/stream/implementers/topic/De-identification.20mechanisms.20in.20FHIR | ||
| + | |||
| − | + | Prepare for a block vote for next week -- | |
**[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9563 9563] Add onBehalfOf to Signature datatype () | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9563 9563] Add onBehalfOf to Signature datatype () | ||
==Minutes== | ==Minutes== | ||
Revision as of 20:51, 12 July 2016
Contents
Call Logistics
Weekly: Tuesday at 05:00 EST (2 PM PST)
Conference Audio: 770-657-9270,' Access: 845692 Join online meeting: https://meet.RTC.VA.GOV/suzanne.gonzales-webb/67LLFDYV If you are having difficulty joining, please try: https://global.gotomeeting.com/join/520841173 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
| Member Name | Member Name | Member Name | ||||||
|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-Chair | . | Kathleen Connor Security Co-Chair | x | Suzanne Gonzales-Webb CBCC Co-Chair | |||
| x | Gary Dickinson EHR Co-Chair | . | Johnathan ColemanCBCC Co-Chair | . | Mike Davis | |||
| . | Reed Gelzer RM-ES Lead | . | Glen Marshal | . | Galen Mulrooney | |||
| . | Dave Silver | x | Rob Horn | . | Judy Fincher | |||
| x | Diana Proud-Madruga | . | Beth Pumo | x | Oliver Lawless | |||
| . | Bob Dieterle | . | Mario Hyland | . | Joe Lamy | |||
| . | Rick Grow | . | [mailto: Richard Etterma] | . | [mailto: Wayne Kubic] |
Agenda
- Roll;
- approval of agenda
- approval of the June 28, 2016 minutes
- Update on action items
- 3318 -- assigned to Rick to work with Mike -- following the discussion in the CP
- 3318 Clarify how to use RBAC and ABAC using FHIR ()
- 9564 -- assigned to John -- following the discussion in the CP
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? ()
- 7568 -- assigned to Kathleen, seems this should be satisfid by 9840? -- following the discussion in the CP
- 7568 2015May core #859 - How are agent and activity linked? ()
- 9042, 9043, 9052 -- assigned to Kathleen, she has the XML almost ready to go
- 9167 -- assigned to John, only creating an example AuditEvent -- following the discussion in the CP
- 9167 AuditEvent needs to make more obvious how to record a break-glass event ()
- 9996 -- assigned to Glen -- following the discussion in the CP
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources ()
- FMM evaluation vs desire - We picked 4 last week -- We might want to re-evaluate to level 3. As level 4 means we would need to work hard to get "complete" testing tools and procedures at 100% of functionality. I think we should only target getting some testing ready.
- Discussion with Mario on getting prepared for next connectathon
- What use-case should we focus on? (Lab vs Financial vs Patient)
- Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join)
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None
- How should 'test-data' be identified? Is this a legitimate use of security-tags?
- It is clear that security-tags already support de-identified methods. The question is specifically about completely fabricated data.
- See FHIR chat thread https://chat.fhir.org/#narrow/stream/implementers/topic/Distinguishing.20test.20patients
- De-Identification topics
Prepare for a block vote for next week --
- 9563 Add onBehalfOf to Signature datatype ()
