This wiki has undergone a migration to Confluence found Here
Difference between revisions of "June 13, 2017 Security Conference Call"
Jump to navigation
Jump to search
(→Agenda) |
|||
(2 intermediate revisions by 2 users not shown) | |||
Line 55: | Line 55: | ||
=='''Agenda'''== | =='''Agenda'''== | ||
#''(2 min)'' '''Roll Call, Agenda Approval''' | #''(2 min)'' '''Roll Call, Agenda Approval''' | ||
− | #''(4 min)'' ''' Review and Approval of [http://wiki.hl7.org/index.php?title= | + | #''(4 min)'' ''' Review and Approval of [http://wiki.hl7.org/index.php?title=June_6,_2017_Security_Conference_Call Security WG Call Minutes June 6, 2017]''' |
#''(15 min)'' '''[http://wiki.hl7.org/index.php?title=HL7_WGM_MAY_2017_-_Madrid_Spain_Minutes Review and approval of Madrid Minutes]''' Chair | #''(15 min)'' '''[http://wiki.hl7.org/index.php?title=HL7_WGM_MAY_2017_-_Madrid_Spain_Minutes Review and approval of Madrid Minutes]''' Chair | ||
# ''(30 min)'' '''[http://wiki.hl7.org/index.php?title=HIMSS_2017_Patient_Choice HIMSS 2017 Next Steps] - Mike Davis | # ''(30 min)'' '''[http://wiki.hl7.org/index.php?title=HIMSS_2017_Patient_Choice HIMSS 2017 Next Steps] - Mike Davis | ||
Line 62: | Line 62: | ||
== Minutes == | == Minutes == | ||
+ | |||
+ | * Please note: Q= Question and A = Reply/ or Answer to the question | ||
+ | - Chaired by John | ||
+ | * Agenda Approved (Kathleen, Diana) | ||
+ | * Approved: Security WG Call Minutes June 6, 2017 (Mike, Kathleen) | ||
+ | - Approved of Madrid Minutes Chair | ||
+ | * Alex is working on the draft of charter | ||
+ | * Minutes approved from previous week (Alex, Kathleen) | ||
+ | - HIMSS 2017 Next Steps - Mike Davis, Duane D. | ||
+ | * Last week we looked at the Cascading Oath and Patient consent Oath and UMA | ||
+ | * Duane went over Demo examples on clinical forms that the rule engines make decisions on | ||
+ | ** Some decisions may require health data to be redacted such as in cases of research | ||
+ | ** Drug Drug interactions would not be affected in redaction | ||
+ | ** During clinical trials the patient data is identified within the research organization, but can also be redacted | ||
+ | * Three organization participating : | ||
+ | ** 1) Vet Health Admin (custodian/primary provider) | ||
+ | ** 2) Vet for Research project (Genetic Research) This week we are reviewing the research use case of the demonstration | ||
+ | ** 3) MyHin | ||
+ | ** VHA also has a clinical decision support group, unique as it can see all data | ||
+ | ** includes drug interactions | ||
+ | * We do not do any access control based on rights | ||
+ | * We are doing read access for the clinical flow | ||
+ | * New Patient consent was reviewed for the purpose of use of research and diagnostic report | ||
+ | * the data navigates to FHIR payload | ||
+ | * Veterans for Research: When viewing the same patient for example will have the patients drug abuse would be redacted and a new authorization would be established | ||
+ | ** Informed consent for treatment | ||
+ | - TF4FA Ballot Reconciliation update Review DOD Comments - Kathleen | ||
+ | * Kathleen: Review Mark Kramer discussion on negations to be reviewed | ||
+ | * Recommends we need more discussion on what happens in negotiation | ||
+ | * Domains may need to bridge their policies | ||
+ | * The consumers idea on trust need to be considered | ||
+ | * The services on negotiation are fundamental to trust framework | ||
+ | * comment 1 (John): We need to be clear on defining the negotiations between Domain communication | ||
+ | ** the abstract and script should further explain that negotiation can iterate multiple times to result in a negotiation | ||
+ | * Q (1) John (Kathleen): Would it be in band or out band? How would it happen in a interoperabile way? | ||
+ | * A (1) to Kathleen Question (Mike): Not in conceptual Model | ||
+ | * Comment 2 (Mike Davis): The Negotiations are established agreements between the domains | ||
+ | ** Mark may have an issue with how quickly the negotiation occurs | ||
+ | ** However, defined parameters are defined, and Domains are identified | ||
+ | * Comment 3 (Kathleen): Under the title Trust Service, the Trust Framework provide technical and operational rules, and each services provided are through exchange of token. | ||
+ | |||
+ | * FHIR Security Call - Please review front matter - John Moehrke | ||
+ | ** * A/I: Mike Davis will send the document to John with the links for the presentation to John to post to the FHIR Security Page to include in build |
Latest revision as of 18:19, 27 June 2017
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
. | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
x | Mike Davis | x | Suzanne Gonzales-Webb | x | David Staggs | x | Mohammed Jafari | |||
x | Glen Marshall, SRS | x | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
x | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | . | Galen Mulrooney | |||
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | x | Dave Silver | |||
x | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
. | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
. | Oliver Lawless | . | Ken Rubin | . | David Tao | . | Nathan Botts |
Agenda
- (2 min) Roll Call, Agenda Approval
- (4 min) Review and Approval of Security WG Call Minutes June 6, 2017
- (15 min) Review and approval of Madrid Minutes Chair
- (30 min) HIMSS 2017 Next Steps - Mike Davis
- (5 min) TF4FA Ballot Reconciliation update Review DOD Comments - Kathleen
- (5 min) FHIR Security Call - Please review front matter - John Moehrke
Minutes
- Please note: Q= Question and A = Reply/ or Answer to the question
- Chaired by John
- Agenda Approved (Kathleen, Diana)
- Approved: Security WG Call Minutes June 6, 2017 (Mike, Kathleen)
- Approved of Madrid Minutes Chair
- Alex is working on the draft of charter
- Minutes approved from previous week (Alex, Kathleen)
- HIMSS 2017 Next Steps - Mike Davis, Duane D.
- Last week we looked at the Cascading Oath and Patient consent Oath and UMA
- Duane went over Demo examples on clinical forms that the rule engines make decisions on
- Some decisions may require health data to be redacted such as in cases of research
- Drug Drug interactions would not be affected in redaction
- During clinical trials the patient data is identified within the research organization, but can also be redacted
- Three organization participating :
- 1) Vet Health Admin (custodian/primary provider)
- 2) Vet for Research project (Genetic Research) This week we are reviewing the research use case of the demonstration
- 3) MyHin
- VHA also has a clinical decision support group, unique as it can see all data
- includes drug interactions
- We do not do any access control based on rights
- We are doing read access for the clinical flow
- New Patient consent was reviewed for the purpose of use of research and diagnostic report
- the data navigates to FHIR payload
- Veterans for Research: When viewing the same patient for example will have the patients drug abuse would be redacted and a new authorization would be established
- Informed consent for treatment
- TF4FA Ballot Reconciliation update Review DOD Comments - Kathleen
- Kathleen: Review Mark Kramer discussion on negations to be reviewed
- Recommends we need more discussion on what happens in negotiation
- Domains may need to bridge their policies
- The consumers idea on trust need to be considered
- The services on negotiation are fundamental to trust framework
- comment 1 (John): We need to be clear on defining the negotiations between Domain communication
- the abstract and script should further explain that negotiation can iterate multiple times to result in a negotiation
- Q (1) John (Kathleen): Would it be in band or out band? How would it happen in a interoperabile way?
- A (1) to Kathleen Question (Mike): Not in conceptual Model
- Comment 2 (Mike Davis): The Negotiations are established agreements between the domains
- Mark may have an issue with how quickly the negotiation occurs
- However, defined parameters are defined, and Domains are identified
- Comment 3 (Kathleen): Under the title Trust Service, the Trust Framework provide technical and operational rules, and each services provided are through exchange of token.
- FHIR Security Call - Please review front matter - John Moehrke
- * A/I: Mike Davis will send the document to John with the links for the presentation to John to post to the FHIR Security Page to include in build