This wiki has undergone a migration to Confluence found Here
Difference between revisions of "October 10, 2017 Security Conference Call"
Jump to navigation
Jump to search
| Line 62: | Line 62: | ||
○ Include the ability to use FHIR Audit Events to generate FHIR Accounting of Disclosure Resources | ○ Include the ability to use FHIR Audit Events to generate FHIR Accounting of Disclosure Resources | ||
• Add TF4FA and FHIR Contract for App Terms of Service and for Trust Contract to determine trading partner capabilities for e.g., consuming and enforcing computable consent directives | • Add TF4FA and FHIR Contract for App Terms of Service and for Trust Contract to determine trading partner capabilities for e.g., consuming and enforcing computable consent directives | ||
| − | • Add NIST SP 800-63, NIST SP 800-53, and NISTR 8062 to Security Standards section | + | • Add NIST SP 800-63, NIST SP 800-53, and NISTR 8062 to Security Standards section. |
| + | |||
==Minutes== | ==Minutes== | ||
*TBD Chaired. | *TBD Chaired. | ||
Revision as of 18:43, 10 October 2017
Contents
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | x | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
| x | Mike Davis | x | Suzanne Gonzales-Webb | x | David Staggs | x | Christopher Shawn | |||
| . | Mohammed Jafari | . | Beth Pumo | . | Ioana Singureanu | x | Rob Horn | |||
| x | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | . | Galen Mulrooney | |||
| . | Paul Knapp | . | Grahame Grieve | . | Johnathan Coleman | . | Aaron Seib | |||
| . | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | . | Dave Silver | |||
| . | Oliver Lawless | . | Ken Rubin | . | David Tao | . | Nathan Botts |
Agenda
- (3 min) Roll Call, Agenda Approval
- (10 min) Review and Approval of October 3rd Minutes.
- (10 min) Is Privacy Obsolete? Study Group wiki page with IOP? Listserve link. Update on project - Mike Davis and Chris Shawn
- (5 min) Update on Security WG Bulk Data Transfer Comments submission - John Moehrke
- (30 min) Review and draft Security WG comments on PAC comment guidelines and highlighted ISA items related to Security and CBCP Scope
- (2 min) FHIR Security call - Call will happen at 5PM ET/2PM PT
Meeting Materials
- Potential Comment Areas
• Upgrade maturity of data segmentation on CDA ○ Include FHIR Security labels as means to protect FHIR Bundles and Resources • Add FHIR Consent and Contract to emerging Consent Directive standards ○ Include use of both for individual Right of Access • Add FHIR Provenance to DPROV • Add FHIR Audit Event ○ Include the ability to use FHIR Audit Events to generate FHIR Accounting of Disclosure Resources • Add TF4FA and FHIR Contract for App Terms of Service and for Trust Contract to determine trading partner capabilities for e.g., consuming and enforcing computable consent directives • Add NIST SP 800-63, NIST SP 800-53, and NISTR 8062 to Security Standards section.
Minutes
- TBD Chaired.
- October 3rd Minutes reviewed.
- Agenda reviewe
- Is Privacy Obsolete? updates
- FHIR Bulk Data Transfer comments.
- Kathleen presented topics for HL7 comments on the ONC ISA 2018 for input by Security WG.
