This wiki has undergone a migration to Confluence found Here
Difference between revisions of "November 1, 2016 Security Conference Call"
Jump to navigation
Jump to search
m (→Attendees) |
|||
(One intermediate revision by the same user not shown) | |||
Line 40: | Line 40: | ||
||||.|| [mailto:bkinsley@nextgen.com William Kinsley] | ||||.|| [mailto:bkinsley@nextgen.com William Kinsley] | ||
||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||||.|| [mailto:pknapp@pknapp.com Paul Knapp] | ||
− | |||| | + | ||||x|| [mailto:Mayada.Abdulmannan@va.gov Mayada Abdulmannan] |
|- | |- | ||
|| .|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | || .|| [mailto:kamalinivaidya@systemsmadesimple.com Kamalini Vaidya] | ||
Line 69: | Line 69: | ||
* Approve [http://wiki.hl7.org/index.php?title=October_25,_2016_Security_Conference_Call Security WG October 25, 2016 call minutes] -- Beth/Diana - unanimous | * Approve [http://wiki.hl7.org/index.php?title=October_25,_2016_Security_Conference_Call Security WG October 25, 2016 call minutes] -- Beth/Diana - unanimous | ||
**Diana and Ken on SOA on FHIR | **Diana and Ken on SOA on FHIR | ||
− | * Service specification NSCI level II process was pre-FHIR service specification | + | ** Service specification NSCI level II process was pre-FHIR service specification |
− | * After FHIR if you take functions like evaluate and implement in FHIR server | + | ** After FHIR if you take functions like evaluate and implement in FHIR server |
− | * How to implement FHIR consistand SOA specs into FHIR | + | ** How to implement FHIR consistand SOA specs into FHIR |
− | * Leverage FHIR artifacts to adapt to service functional model | + | ** Leverage FHIR artifacts to adapt to service functional model |
− | * Resources and implementation guides used to constitute a FHIR enabled service | + | ** Resources and implementation guides used to constitute a FHIR enabled service |
− | * Action items to adapt FHIR peces as a collection as an emerging service | + | ** Action items to adapt FHIR peces as a collection as an emerging service |
− | * To produce a FHIR SOA Profile, and extent the resource extensions necessary that will service/profile sepcific | + | ** To produce a FHIR SOA Profile, and extent the resource extensions necessary that will service/profile sepcific |
− | * Implementation Guide will stitch all collective pieces to create the service | + | ** Implementation Guide will stitch all collective pieces to create the service |
* FHIR community allows customization, naming conventions will be used such as prefix and suffix of SOA etc | * FHIR community allows customization, naming conventions will be used such as prefix and suffix of SOA etc | ||
− | * SFM will continue to be produced | + | ** SFM will continue to be produced |
− | * Alot will happen in parallel | + | ** Alot will happen in parallel |
− | * The process will govern how SOA does its work that is service related using FHIR | + | ** The process will govern how SOA does its work that is service related using FHIR |
− | * Comment: Security Work group can have FHIR Framework that would have services- Mike Davis | + | ** Comment: Security Work group can have FHIR Framework that would have services- Mike Davis |
− | * Recommendation: please include Security services with Health Care services- Mike Davis | + | ** Recommendation: please include Security services with Health Care services- Mike Davis |
− | * If anyone wants updates they can subscribe to SOA list | + | ** If anyone wants updates they can subscribe to SOA list |
** [http://gforge.hl7.org/gf/download/docmanfileversion/9456/14844/SOA-FHIR%20Process%20v2.pptx SOA on FHIR] | ** [http://gforge.hl7.org/gf/download/docmanfileversion/9456/14844/SOA-FHIR%20Process%20v2.pptx SOA on FHIR] |
Latest revision as of 18:18, 4 January 2017
Back to Security Work Group Main Page
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | x | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
x | Mike Davis | x | Suzanne Gonzales-Webb | . | David Staggs | . | Mohammed Jafari | |||
x | Glen Marshall, SRS | x | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
x | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | . | Galen Mulrooney | |||
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | . | Dave Silver | |||
. | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
. | Kamalini Vaidya | . | Bill Kleinebecker | . | Christopher Shawn | . | Grahame Grieve | |||
. | Oliver Lawless | . | Ken Rubin | . | Paul Petronelli , Mobile Health | . | Russell McDonell |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (3 min) Approve Security WG October 25, 2016 call minutes
- (15 min) PSAF/TF4TA Mike and Dave Silver to discuss any updates to the ballot material.
- (15 min) SOA on FHIR Diane and Ken Rubin
- (15 min) Review and Approval of the long overdue Security and Privacy DAM Reconcilation spreadsheet - Kathleen: We need to get these affirmative comments resolved and uploaded to the ballot site in order to get the DAM published and included in the 2017 Normative Edition.
- (3 min) PASS Audit Conceptual Model – Diana
- (2 min) FHIR AuditEvent and Provenance ballot comments & FHIR Security Call
Minutes
- John chaired
- Roll Call, Agenda Approval -- Mike/Glen - Unanimous
- Approve Security WG October 25, 2016 call minutes -- Beth/Diana - unanimous
- Diana and Ken on SOA on FHIR
- Service specification NSCI level II process was pre-FHIR service specification
- After FHIR if you take functions like evaluate and implement in FHIR server
- How to implement FHIR consistand SOA specs into FHIR
- Leverage FHIR artifacts to adapt to service functional model
- Resources and implementation guides used to constitute a FHIR enabled service
- Action items to adapt FHIR peces as a collection as an emerging service
- To produce a FHIR SOA Profile, and extent the resource extensions necessary that will service/profile sepcific
- Implementation Guide will stitch all collective pieces to create the service
- FHIR community allows customization, naming conventions will be used such as prefix and suffix of SOA etc
- SFM will continue to be produced
- Alot will happen in parallel
- The process will govern how SOA does its work that is service related using FHIR
- Comment: Security Work group can have FHIR Framework that would have services- Mike Davis
- Recommendation: please include Security services with Health Care services- Mike Davis
- If anyone wants updates they can subscribe to SOA list
- Mike and Dave Silver to discuss any updates to the ballot material.
- TF4FA using model open identity using trust specification
- We have a legal framework for Security and Privacy for requirements and consent
- We included certification criteria
- We included technical framework
- We maybe able to take the Trust model and make it FHIR specific
- Potentially Trust Technical Framework may match the services described for FHIR by Ken
- Models included:
- Trust services model is part of the Trust Services
- Domain Model
- Class Model- Policy info model to realize a domain policy
- Once we have trust framework services it will ultimately involve a legal framework
- Trust Services Model has seven identified services
- Requests would have user attributes, roles, clearances, and other access control information
- The purpose of use would have the User and Request attributes
- Each Domain will have Trust tokens
- Policy information Model is also included
- The context of IT841 is the security policy information File and guidelines
- Policy Vocabulary is included, as well as Policy Handeling instructions
- Kathleen mentioned need to review old ballot results next week Security and Privacy DAM Reconcilation spreadsheet - Kathleen: We need to get these affirmative comments resolved and uploaded to the ballot site in order to get the DAM published and included in the 2017 Normative Edition.
- FHIR AuditEvent and Provenance ballot comments & FHIR Security Call is planned- Diana