Difference between revisions of "July 12, 2016 Security Conference Call"
(6 intermediate revisions by one other user not shown) | |||
Line 7: | Line 7: | ||
!x||'''Member Name'''|| !! x ||'''Member Name''' !!|| x ||'''Member Name''' !! | !x||'''Member Name'''|| !! x ||'''Member Name''' !!|| x ||'''Member Name''' !! | ||
|- | |- | ||
− | || || [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair | + | || x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair |
||||.|| [mailto:duane.decouteau@gmail.com Duane DeCouteau] | ||||.|| [mailto:duane.decouteau@gmail.com Duane DeCouteau] | ||
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark] | ||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark] | ||
|- | |- | ||
− | || | + | || x|| [mailto:john.moehrke@med.ge.com John Moehrke]Security Co-chair |
||||.|| [mailto:jc@securityrs.com Johnathan Coleman] | ||||.|| [mailto:jc@securityrs.com Johnathan Coleman] | ||
||||.|| [mailto:aaron.seib@2311.net Aaron Seib] | ||||.|| [mailto:aaron.seib@2311.net Aaron Seib] | ||
Line 22: | Line 22: | ||
|| .|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair | || .|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair | ||
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson] | ||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson] | ||
− | |||| | + | ||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver] |
|- | |- | ||
Line 42: | Line 42: | ||
|| .|| [mailto:rgrow@technatomy.com Rick Grow] | || .|| [mailto:rgrow@technatomy.com Rick Grow] | ||
||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||
− | |||| | + | ||||x|| [mailto:Mayada.Abdulmannan@va.gov Mayada Abdulmannan] |
|- | |- | ||
|| x|| [mailto:gfm@securityrs.com Glen Marshall], SRS | || x|| [mailto:gfm@securityrs.com Glen Marshall], SRS | ||
||||.|| [mailto:akleinebe@gmail.com Bill Kleinebecker ] | ||||.|| [mailto:akleinebe@gmail.com Bill Kleinebecker ] | ||
− | |||| | + | ||||x|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn] |
|- | |- | ||
|| .|| [mailto:oliver@lawless.co Oliver Lawless] | || .|| [mailto:oliver@lawless.co Oliver Lawless] | ||
Line 53: | Line 53: | ||
||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ] | ||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ] | ||
|- | |- | ||
− | || | + | || x|| [mailto:Beth.Pumo@kp.org Beth Pumo] |
||||.|| [mailto:russell.mcdonell@c-cost.com Russell McDonell] | ||||.|| [mailto:russell.mcdonell@c-cost.com Russell McDonell] | ||
||||.|| [mailto:paul.petronelli@gmail.com Paul Petronelli ], Mobile Health | ||||.|| [mailto:paul.petronelli@gmail.com Paul Petronelli ], Mobile Health | ||
Line 59: | Line 59: | ||
|| .|| [mailto:cdoss@ncat.edu Christopher Doss] | || .|| [mailto:cdoss@ncat.edu Christopher Doss] | ||
||||.|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | ||||.|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | ||
− | |||| | + | ||||x|| [mailto: David Staggs ] |
|- | |- | ||
|} | |} | ||
Line 78: | Line 78: | ||
==Minutes== | ==Minutes== | ||
− | * Chaired by John | + | * Chaired by John Moehrke |
− | + | * Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzanne) | |
− | |||
− | * Approve Security WG June 28, 2016 Minutes (Approved: Mike, | ||
* Update on the PSAF Security Policy model - Mike, Dave | * Update on the PSAF Security Policy model - Mike, Dave | ||
- Presentation was shared during the call: | - Presentation was shared during the call: | ||
Line 112: | Line 110: | ||
* HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information | * HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information | ||
− | + | * Kathleen/Blockchain: | |
− | Kathleen/Blockchain: | ||
- We've been following different Trust Framework | - We've been following different Trust Framework | ||
- We have a Wiki page with the list of Trust Framework and efforts on Blockchain | - We have a Wiki page with the list of Trust Framework and efforts on Blockchain | ||
Line 123: | Line 120: | ||
- Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access | - Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access | ||
- David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement | - David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement | ||
− | + | * Mike Davis Comments: It is a Providence approach, and would like to see how FHIR would be factored in the approach. | |
- It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. | - It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. | ||
- All Participants are responsible in the sharing of Data integrity | - All Participants are responsible in the sharing of Data integrity | ||
- No one can change the record without all the approval of all stakeholders | - No one can change the record without all the approval of all stakeholders | ||
− | + | * John Moehrke's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain. | |
+ | - John has a White paper on the topic of Blockchain and included link in the chat, Kathleen will link it to the Trust link | ||
+ | |||
+ | Approvals: | ||
+ | |||
+ | * John: we received confirmation we are to approve cochairs for FTFP of Paul Map (John, and Kathleen approved) | ||
+ | * Kathleen: Mike and Dave have been updating the policy driven architecture on Domain Analysis. a paper by Sunday on PSAF | ||
+ | - I submitted the PSAF document to on Sunday for September Ballot, waiting on confirmation | ||
+ | - (Kathleen and Mike Approved) |
Latest revision as of 19:16, 19 July 2016
Back to Security Work Group Main Page
Attendees
x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|
x | Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
. | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
. | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Dave Silver | |||
x | Mike Davis | . | Ioana Singureanu | X | Mohammed Jafari | |||
x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
. | Rick Grow | . | Paul Knapp | x | Mayada Abdulmannan | |||
x | Glen Marshall, SRS | . | Bill Kleinebecker | x | Christopher Shawn | |||
. | Oliver Lawless | x | Grahame Grieve | . | Serafina Versaggi | |||
x | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
. | Christopher Doss | . | Kamalini Vaidya | x | [mailto: David Staggs ] |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (3 min) Approve Security WG June 28, 2016 Minutes
- (10 min) Update on the PSAF Security Policy model - Mike
- (5 min) Standards Privacy Impact Assessment Cookbook - Rick
- (5 min) PASS Access Control Services Conceptual Model - Diana
- (5 min) PASS Audit Conceptual Model – Diana
- (10 min) HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
- (2 min) Action Items, next call agenda, adjournment
Note that there will be a FHIR Security call at 5pm ET See agenda at FHIR Security Agenda
Minutes
- Chaired by John Moehrke
- Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzanne)
- Update on the PSAF Security Policy model - Mike, Dave
- Presentation was shared during the call: - Dave Sliver, Chris Shawn, and Mike Davis continued work on PSAF - Main Level includes Privacy Security material beginning with High level Trust Framework Policy - This Expand trust framework introducing trust policies, level assurance, trust certificates, and remainder modeling -Input Policies are dependent on Harmonization policy -Trust Framework would establish the elements of Trust supported by the contract - Could have two or more Domain names, each domain would have its own set of policies - Through Trust Framework there is a harmonization between each Domain -
- Standards Privacy Impact Assessment Cookbook - Rick
- The PSS was approved the TFC - Updating document Ballot based on comments from SW and CBCC - Document will be send out to both groups to review and comment and send back by Thursday COB - New comments will be incorporated to send out by Sunday Deadline to HL7
- PASS Access Control Services Conceptual Model - Diana
- Completed all updates - reviewing doc - Expect to complete at the end of the week, will send out for final review to group - Obtain final confirmation from Barrett to withdraw negative vote -seeking to seeking publication by the end of July
- PASS Audit Conceptual Model – Diana
- We have meetings on Wednesdays - Sent out Meeting invite to SOA, CBCC, and Security list serve - Set up a wiki site and in process of loading supporting docs in wiki and Gforge - Ken Ruben (SOA) sent out email to cochairs on cloud Survey
- HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
- Kathleen/Blockchain:
- We've been following different Trust Framework - We have a Wiki page with the list of Trust Framework and efforts on Blockchain - ONC sent out a challenge/White Paper for Blockchain with implications on Health - New Kantara looking at usecases related to Health and Trust - New effort on patience owning data control - Smart contracts to enable health care consumers negotiating consent with providers and none covered entities - Canada has a group that developed tools for Canadians to obtain info from different entities based - Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access - David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement
- Mike Davis Comments: It is a Providence approach, and would like to see how FHIR would be factored in the approach.
- It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. - All Participants are responsible in the sharing of Data integrity - No one can change the record without all the approval of all stakeholders
- John Moehrke's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain.
- John has a White paper on the topic of Blockchain and included link in the chat, Kathleen will link it to the Trust link
Approvals:
- John: we received confirmation we are to approve cochairs for FTFP of Paul Map (John, and Kathleen approved)
- Kathleen: Mike and Dave have been updating the policy driven architecture on Domain Analysis. a paper by Sunday on PSAF
- I submitted the PSAF document to on Sunday for September Ballot, waiting on confirmation - (Kathleen and Mike Approved)