This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "August 1, 2017 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 80: Line 80:
 
** Data labeling provides the ability to share with protections for eg: treatment services (Mike)
 
** Data labeling provides the ability to share with protections for eg: treatment services (Mike)
 
** By labeling the data can provide a better type of control as mitigation for information blocking
 
** By labeling the data can provide a better type of control as mitigation for information blocking
 +
** Trust framework keeps everyone on the same level of sharing, when it should be different level of authorizations (Mike)
 
** Data segmentation can enable the sharing of information (Kathleen)  
 
** Data segmentation can enable the sharing of information (Kathleen)  
 
** The word consent was used once in the entire deck  
 
** The word consent was used once in the entire deck  

Revision as of 18:59, 8 August 2017

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John MoehrkeSecurity Co-chair x Kathleen ConnorSecurity Co-chair . Alexander Mense Security Co-chair . Trish WilliamsSecurity Co-chair
x Mike Davis x Suzanne Gonzales-Webb x David Staggs x Mohammed Jafari
x Glen Marshall, SRS x Beth Pumo . Ioana Singureanu . Rob Horn
x Diana Proud-Madruga . Serafina Versaggi x Joe Lamy . Galen Mulrooney
. Duane DeCouteau . Chris Clark . Johnathan Coleman . Aaron Seib
. Ken Salyards . Christopher D Brown TX . Gary Dickinson x Dave Silver
x Rick Grow . William Kinsley . Paul Knapp x Mayada Abdulmannan
. Kamalini Vaidya . Bill Kleinebecker x Christopher Shawn . Grahame Grieve
. Oliver Lawless . Ken Rubin . David Tao . Nathan Botts

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (4 min) Review and Approval of Security WG Call Minutes July 25, 2017
  3. (10 min) 21st Century Cures Act Trusted Exchange Framework and Common Agreement Public Comments HL7 Policy Advisory Committee is soliciting Security and CBCC WG responses to the comment areas listed by August 14th for inclusion in HL7's response. - Kathleen
  4. (10 min) No FHIR Security call today- John

News and Review Material

Minutes

  • Chaired by Kathleen
  • Agenda Approved
  • Approved Security WG Call Minutes July 25, 2017- Captured by John (Mike, Chris)
  • 21st Century Cures Act Trusted Exchange Framework and Common Agreement Public Comments HL7 Policy Advisory Committee is soliciting Security and CBCC WG responses to the comment areas listed by August 14th for inclusion in HL7's response. - Kathleen
    • Reviewed slide deck
    • three papers came out of patient inquires by Genevieve Morrison
    • Legally Technology the law requires it to corroborate with the current trust framework
    • Mike requested to review Section 3022-A definition (Information Blocking)- (Prevents sharing of Health Information, Federal law does not require an opt-in for sharing of health information)
    • Opt-in should not be considered as Information Blocking
    • It can prevent providers from uploading health information
    • Data labeling provides the ability to share with protections for eg: treatment services (Mike)
    • By labeling the data can provide a better type of control as mitigation for information blocking
    • Trust framework keeps everyone on the same level of sharing, when it should be different level of authorizations (Mike)
    • Data segmentation can enable the sharing of information (Kathleen)
    • The word consent was used once in the entire deck
    • If everyone is to exchange data freely, health information exchanges should have option to opt-out or notice of privacy practices
    • Not all of the listed Health information exchanges have guidance of opting out
    • (Kathleen): Genevieve Morrison's paper states "OCR must develop and discriminate guidance for health information org. on best practice that patient information is private, secure, accurate, verifiable, and consent of patient data can be easily exchanged"- this served as her interpretation of what is legally required
    • Morrison's comment may require an opt-in to be a law


  • No FHIR Security call today- John