This wiki has undergone a migration to Confluence found Here
Difference between revisions of "October 11, 2016 Security Conference Call"
Jump to navigation
Jump to search
JohnMoehrke (talk | contribs) |
|||
| (7 intermediate revisions by 3 users not shown) | |||
| Line 9: | Line 9: | ||
|| x|| [mailto:JohnMoerke@gmail.com John Moehrke]Security Co-chair | || x|| [mailto:JohnMoerke@gmail.com John Moehrke]Security Co-chair | ||
||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair | ||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair | ||
| − | |||| | + | ||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair |
||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair | ||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams]Security Co-chair | ||
|- | |- | ||
| Line 37: | Line 37: | ||
||||.|| [mailto:dsilver@electrosoft-inc.com Dave Silver] | ||||.|| [mailto:dsilver@electrosoft-inc.com Dave Silver] | ||
|- | |- | ||
| − | || | + | || x|| [mailto:rgrow@technatomy.com Rick Grow] |
||||.|| [mailto:bkinsley@nextgen.com William Kinsley] | ||||.|| [mailto:bkinsley@nextgen.com William Kinsley] | ||
||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||
| − | |||| | + | ||||x|| [mailto:Mayada.Abdulmannan@va.gov Mayada Abdulmannan] |
|- | |- | ||
|| .|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | || .|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | ||
| Line 60: | Line 60: | ||
# ''(10 min)'' '''PSS Document Sharing''' Approve our co-sponsorship with goal to show how security is applied to a broader workflow through specifics on AuditEvent use, and OAuth use. Secondary goal to create end-to-end security testing for connectathon. | # ''(10 min)'' '''PSS Document Sharing''' Approve our co-sponsorship with goal to show how security is applied to a broader workflow through specifics on AuditEvent use, and OAuth use. Secondary goal to create end-to-end security testing for connectathon. | ||
# ''(15 min)'' '''PSAF Ballot v.next''' Mike to discuss anticipated updates in response to ballot comments and new development. Determine next ballot level and possible renaming to prep for NIB submission by 10-31. | # ''(15 min)'' '''PSAF Ballot v.next''' Mike to discuss anticipated updates in response to ballot comments and new development. Determine next ballot level and possible renaming to prep for NIB submission by 10-31. | ||
| − | # ''(15 min)'' '''[http://gforge.hl7.org/gf/download/docmanfileversion/9433/14780/2016Nov%20HARM%20INTIALPROPOSAL%20SECURITY%20Additional%20Purpose%20of%20Use.doc Nov Harmonization Proposal Review]''' Initial | + | # ''(15 min)'' '''[http://gforge.hl7.org/gf/download/docmanfileversion/9433/14780/2016Nov%20HARM%20INTIALPROPOSAL%20SECURITY%20Additional%20Purpose%20of%20Use.doc Nov Harmonization Proposal Review]''' Also, new ActReason for overriding need for consent - incompetency; 5 new Compartment codes; and technical corrections to SecurityObservationValue value set. Initial submissions due date Nov. 14 - Kathleen |
# ''(5 min)'' '''PASS Audit Conceptual Model''' – Diana | # ''(5 min)'' '''PASS Audit Conceptual Model''' – Diana | ||
# ''(5 min)'' '''FHIR AuditEvent and Provenance ballot comments & FHIR Security Call reminder''' - John | # ''(5 min)'' '''FHIR AuditEvent and Provenance ballot comments & FHIR Security Call reminder''' - John | ||
| Line 66: | Line 66: | ||
==Minutes== | ==Minutes== | ||
| − | + | * John Chaired | |
| − | * | + | * approval of agenda - Kathleen/Suzanne - unanimous |
| − | * | + | * approval of minutes of 4th - Glen/Rick - unanimous |
| − | * | + | * not approving minutes from 13th as they are not done yet |
| + | * Review PSS - Document Sharing | ||
| + | ** Motion to approve co-sponsorship - Glen/Kathleen - unanimous | ||
| + | ** Security WKG is co-sponsor | ||
| + | ** Smart on FHIR comes with Apendix (Grahm) | ||
| + | ** Each member organization needs harmonization | ||
| + | ** As co-sponsor we can help harmonize which OATH will work | ||
| + | ** We are to provide landscape analysis of bridging concerns (Kathleen) | ||
| + | ** Security WKG role is to review all concerns of competing parties | ||
| + | * PSAF Ballot- Mike Davis | ||
| + | ** NTR | ||
| + | * Nov Harmonization Proposal Review Also, new ActReason for overriding need for consent - incompetency; 5 new Compartment codes; and technical corrections to SecurityObservationValue value set. Initial submissions due date Nov. 14 - Kathleen | ||
| + | **Need approval of initial submission | ||
| + | ** Due Nov 14th | ||
| + | ** Intially completed and submitted in July, but was pulled out to see if it is too granular | ||
| + | ** There are two codes for purpose of use, one is used for eHealth exchange. | ||
| + | ** Next step: to meet Friday Nov 14th | ||
| + | |||
| + | * Review Vocabulary proposal from Kathleen | ||
| + | ** Concern with expansion of PurposeOfUse | ||
| + | *** Are these values specific enough? | ||
| + | *** are they intended to be categories? ==> Categories | ||
| + | ** Mike recommends we schedule a specific meeting to go deeper. | ||
| + | ** the Vetting of Vocab WKG is approved | ||
| + | ** Recommendation to make clinical Trial a parent rather than a lease for health care Biomedical research | ||
| + | ** Specific Branches should be specific (profiles) such as Cancer or inherited disease | ||
| + | ** Some patients prefer not to share all health care info for research | ||
| + | ** Comment: Mohammad: There is no clear semantics on what constitutes as research | ||
| + | ***Patient consent is not the only place where purpose of use is needed | ||
| + | ***Vocab having a hierarchy can help make it more granular | ||
| + | *** Some patients may opt out for example genetic research | ||
| + | **Comment Glen: This is Policy Level vs. Operational level | ||
| + | *** The consent created is to group different types of studies to different types of consent | ||
| + | *** Action: Kathleen to schedule focused call | ||
| + | ** John indicates that we should look to propose new signature types from Kathleen comment on FHIR | ||
| + | * FHIR Security meeting will be held | ||
| + | * Adjourned | ||
Latest revision as of 15:05, 28 October 2016
Back to Security Work Group Main Page
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
| x | Mike Davis | x | Suzanne Gonzales-Webb | x | David Staggs | x | Mohammed Jafari | |||
| x | Glen Marshall, SRS | . | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
| x | Diana Proud-Madruga | . | Serafina Versaggi | . | Joe Lamy | . | Galen Mulrooney | |||
| . | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
| . | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | . | Dave Silver | |||
| x | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
| . | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
| . | Oliver Lawless | . | Ken Rubin | . | Paul Petronelli , Mobile Health | . | Russell McDonell |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (5 min) Approve Security WG October 4, 2016 call minutes and Security WG September 13, 2016 Minutesif these are available.
- (10 min) PSS Document Sharing Approve our co-sponsorship with goal to show how security is applied to a broader workflow through specifics on AuditEvent use, and OAuth use. Secondary goal to create end-to-end security testing for connectathon.
- (15 min) PSAF Ballot v.next Mike to discuss anticipated updates in response to ballot comments and new development. Determine next ballot level and possible renaming to prep for NIB submission by 10-31.
- (15 min) Nov Harmonization Proposal Review Also, new ActReason for overriding need for consent - incompetency; 5 new Compartment codes; and technical corrections to SecurityObservationValue value set. Initial submissions due date Nov. 14 - Kathleen
- (5 min) PASS Audit Conceptual Model – Diana
- (5 min) FHIR AuditEvent and Provenance ballot comments & FHIR Security Call reminder - John
FHIR Security Ballot comment and CP review and FHIM modeling of PSAF - See agenda at FHIR Security Agenda
Minutes
- John Chaired
- approval of agenda - Kathleen/Suzanne - unanimous
- approval of minutes of 4th - Glen/Rick - unanimous
- not approving minutes from 13th as they are not done yet
- Review PSS - Document Sharing
- Motion to approve co-sponsorship - Glen/Kathleen - unanimous
- Security WKG is co-sponsor
- Smart on FHIR comes with Apendix (Grahm)
- Each member organization needs harmonization
- As co-sponsor we can help harmonize which OATH will work
- We are to provide landscape analysis of bridging concerns (Kathleen)
- Security WKG role is to review all concerns of competing parties
- PSAF Ballot- Mike Davis
- NTR
- Nov Harmonization Proposal Review Also, new ActReason for overriding need for consent - incompetency; 5 new Compartment codes; and technical corrections to SecurityObservationValue value set. Initial submissions due date Nov. 14 - Kathleen
- Need approval of initial submission
- Due Nov 14th
- Intially completed and submitted in July, but was pulled out to see if it is too granular
- There are two codes for purpose of use, one is used for eHealth exchange.
- Next step: to meet Friday Nov 14th
- Review Vocabulary proposal from Kathleen
- Concern with expansion of PurposeOfUse
- Are these values specific enough?
- are they intended to be categories? ==> Categories
- Mike recommends we schedule a specific meeting to go deeper.
- the Vetting of Vocab WKG is approved
- Recommendation to make clinical Trial a parent rather than a lease for health care Biomedical research
- Specific Branches should be specific (profiles) such as Cancer or inherited disease
- Some patients prefer not to share all health care info for research
- Comment: Mohammad: There is no clear semantics on what constitutes as research
- Patient consent is not the only place where purpose of use is needed
- Vocab having a hierarchy can help make it more granular
- Some patients may opt out for example genetic research
- Comment Glen: This is Policy Level vs. Operational level
- The consent created is to group different types of studies to different types of consent
- Action: Kathleen to schedule focused call
- John indicates that we should look to propose new signature types from Kathleen comment on FHIR
- Concern with expansion of PurposeOfUse
- FHIR Security meeting will be held
- Adjourned
