This wiki has undergone a migration to Confluence found Here
Difference between revisions of "April 10, 2018 Security Conference Call"
Jump to navigation
Jump to search
| Line 23: | Line 23: | ||
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden] | ||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden] | ||
|- | |- | ||
| − | || | + | || x|| [mailto:rhonna.clark@va.gov Rhonna Clark] |
||||.|| [mailto:grahameg@gmail.com Grahame Grieve] | ||||.|| [mailto:grahameg@gmail.com Grahame Grieve] | ||
||||.|| [mailto:jc@securityrs.com Johnathan Coleman] | ||||.|| [mailto:jc@securityrs.com Johnathan Coleman] | ||
| − | ||||.|| [mailto: | + | ||||.|| [mailto: |
|- | |- | ||
| − | || .|| [mailto: | + | || .|| [mailto: |
||||x|| [mailto:jim.kretz@samhsa.gov Jim Kretz] | ||||x|| [mailto:jim.kretz@samhsa.gov Jim Kretz] | ||
| − | ||||.|| [mailto: | + | ||||.|| [mailto: |
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver] | ||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver] | ||
|- | |- | ||
| Line 39: | Line 39: | ||
|- | |- | ||
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari] | ||. || [mailto:mjafari@edmondsci.com Mohammed Jafari] | ||
| − | ||||.|| [mailto: | + | ||||.|| [mailto: |
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman] | ||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman] | ||
||||x|| [mailto: Matt Blackman, Sequoia] | ||||x|| [mailto: Matt Blackman, Sequoia] | ||
| Line 82: | Line 82: | ||
(DRAFT) | (DRAFT) | ||
* picking up on themes discussed | * picking up on themes discussed | ||
| + | * adjustments made to the Security WGM agenda (discussion) | ||
| + | |||
* opening Security WG | * opening Security WG | ||
<<add link>> | <<add link>> | ||
| − | * | + | * Updates on ballot, TEFCA |
| + | |||
| + | * DRAFT, not final) | ||
Revision as of 19:33, 10 April 2018
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | x | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair | |||
| x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | x | Mike Davis | x | David Staggs | |||
| x | Diana Proud-Madruga | x | Francisco Jauregui | x | Joe Lamy | . | Greg Linden | |||
| x | Rhonna Clark | . | Grahame Grieve | . | Johnathan Coleman | . | [mailto: | |||
| . | [mailto: | x | Jim Kretz | . | [mailto: | x | Dave Silver | |||
| . | Beth Pumo | . | Bo Dagnall | . | Riki Merrick | . | Theresa Connor | |||
| . | Mohammed Jafari | . | [mailto: | . | Peter Bachman | x | [mailto: Matt Blackman, Sequoia] |
Agenda
- (2 min) Roll Call, Agenda Approval
- (5 min) Review and Approval of April 3rd minutes
- (5 min) TF4FA Normative Ballot - time to vote - Mike
- (15 min) FHIR Security Updates - John
- (15 min) Security Cologne May WGM Agenda - Kathleen
Meeting Minutes DRAFT
Chris Shawn, chair Roll Call, Agenda Review, Meeting Minutes approval
http://wiki.hl7.org/index.php?title=April_10,_2018_Security_Conference_Call Meeting Minutes Approval (Kathleen/Johnathan) Opposed: none; Abstentions: none; Approved: 12
TF4FA Ballot - Mike
- time to vote, we're hoping things to go well
- Ballot is Normative
- Intend to contue with the PSAF charter (also mentioned on CBCP); have started work on Audit volume 3
- Volume 3 will have elements of life cycle eents and Audit and Provenance
- A&P are related, the work with did with EHR - Provenance of things an dlifecycle events and audit
- first thought is to look into block chain technology--signed ledger idea behind that---trust history; we'e already brough up a little of this...we will not get too detailed in it
- we have idea of by September by then t ballot in January - depending on how the current two volumes go with Normative
FHIR Security update _JohnM
- we are working through the ONC API and seucirty
- next item was input validation, agreed to add as an item as a high level punch list on security spec
- discussion on litmus test to help determine something that rises to the level that we should say something otherwise we will duplicate the exisiting security works--which is not desired
- is it input validation?
- we didnt' come up with a good litmus test--but we will add... one for now... when is it something specific to securing FHIR vs we should have some recommendation to use a seucrit framework and have a list of some security frameworks--we haven't yet touched upon (it will have to be a topic)...
- continuing to work through the ONC paper
- new time is better meeting time 2PM ET (right before this meeting)
Cologne Agenda - Kathleen (DRAFT)
- picking up on themes discussed
- adjustments made to the Security WGM agenda (discussion)
- opening Security WG
<<add link>>
- Updates on ballot, TEFCA
- DRAFT, not final)
