Difference between revisions of "November 21, 2017 Security Conference Call"
(Created page with "Back to Security Main Page ==Attendees== {| class="wikitable" |- !x||'''Member Name'''|| !! x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member...") |
|||
| Line 56: | Line 56: | ||
*Agenda informally approved. | *Agenda informally approved. | ||
*Minutes from November 14th were reviewed. XX moved to approve, XX seconded. Minutes approved | *Minutes from November 14th were reviewed. XX moved to approve, XX seconded. Minutes approved | ||
| + | ==Meeting Material== | ||
| + | *[https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20and%20Privacy%20Policy/HL7%20ONC%202018%20ISA%20Input%20-%20FINAL.pdf HL7 Response Letter ONC ISA 2018 Comments Submitted to ONC]] | ||
| + | HL7 submits comments on ONC 2018 Interoperability Standards Advisory highlighting VA sponsored privacy and security standards: | ||
| + | The Security and Community Based Care and Privacy Work Groups appreciate that HL7 Executive Board highlighted the Work Groups comments: "Considering the increased focus on security and privacy as health data is shared across providers, we have included | ||
| + | various comments on the inclusion of security labels in Section I Vocabulary, and across a variety of interoperability | ||
| + | needs in Section II. This includes: | ||
| + | o The SAMHA stewarded NIH VSAC sensitive clinical code value sets, which enable the computable | ||
| + | assignment of security labels; | ||
| + | o The HL7 vocabulary referenced by the HL7 Privacy and Security Healthcare Classification System (HCS), | ||
| + | which are used for security labeling across HL7 Product Families. | ||
| + | This vocabulary is used or required by HL7 Version 2 CON and ARV segments, CDA Consent Directive, Data | ||
| + | Segmentation for Privacy, and Data Provenance Implementation Guides; and the FHIR AuditEvent, Provenance, and | ||
| + | Consent and Contract (typed as a privacy consent directive) Resources to convey computable privacy, consent, | ||
| + | security, provenance, and trust policies." | ||
Revision as of 22:58, 20 November 2017
Contents
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| . | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | x | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair | |||
| x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | x | Mike Davis | x | David Staggs | |||
| . | Mohammed Jafari | . | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
| x | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | x | Greg Linden | |||
| . | Paul Knapp | . | Grahame Grieve | . | Johnathan Coleman | . | Aaron Seib | |||
| . | Ken Salyards | . | Jim Kretz | . | Gary Dickinson | x | Dave Silver | |||
| . | Oliver Lawless | . | Lisa Nelson | . | David Tao | . | Nathan Botts |
Agenda
- (2 min) Roll Call, Agenda Approval
- (3 min) Review and Approval of November 14, 2017 minutes
- (5 min) PSAF cancelled so no report out. Is Privacy Obsolete Study Group report - Mike has made substantial progress in his analysis of international Privacy Policies. - Chris
- (10 min) 2017Nov HARM FINALPROPOSAL SECURITY Sensitivity Codes Ready for final review and approval for submission by deadline. - Kathleen
- (30 min) Need to Update HL7 V2 Privacy and Security section in HL7 v2. Should Security and CBCP collaborate on an update? Dallas Haselhorst, author of the v2 Security risks will present on his articles (links at the wiki page) - Kathleen and Dallas
- (5 min) FHIR Security Report out - Call later? - John Moehrke
Minutes
- Chris Shawn chaired.
- Agenda informally approved.
- Minutes from November 14th were reviewed. XX moved to approve, XX seconded. Minutes approved
Meeting Material
HL7 submits comments on ONC 2018 Interoperability Standards Advisory highlighting VA sponsored privacy and security standards: The Security and Community Based Care and Privacy Work Groups appreciate that HL7 Executive Board highlighted the Work Groups comments: "Considering the increased focus on security and privacy as health data is shared across providers, we have included various comments on the inclusion of security labels in Section I Vocabulary, and across a variety of interoperability needs in Section II. This includes: o The SAMHA stewarded NIH VSAC sensitive clinical code value sets, which enable the computable assignment of security labels; o The HL7 vocabulary referenced by the HL7 Privacy and Security Healthcare Classification System (HCS), which are used for security labeling across HL7 Product Families. This vocabulary is used or required by HL7 Version 2 CON and ARV segments, CDA Consent Directive, Data Segmentation for Privacy, and Data Provenance Implementation Guides; and the FHIR AuditEvent, Provenance, and Consent and Contract (typed as a privacy consent directive) Resources to convey computable privacy, consent, security, provenance, and trust policies."
