This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "May 29, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 76: Line 76:
 
Cologne GDPR Connectathon
 
Cologne GDPR Connectathon
 
* suggestion made to move this agenda item to next week when involved persons are abailvel
 
* suggestion made to move this agenda item to next week when involved persons are abailvel
 +
* meeting held 25 May;
 +
* lots of interested at WGM, connectathon track and continued at several WG session
 +
* how will HL7 (with FHIR focus) can support the implementation of GDPR
 +
** includes beset practices
 +
** which HL7 artifacts, concepts, FHIR resources, can be used to fulfill support GDPR
 +
** spreadsheet started with knowledge
 +
*** mapping, FHIR resources, content being completed
 +
*** initial meeting FHIR support of GDPR
 +
* currently operational -
 +
* implications of FHIR
 +
** many organizations are already prepared, but not completed with their measurements/set-up
 +
* PPT by lawyer in Brussels <<link ?>>
 +
* HL7 would like to come up with guidance (audit resources? Security? best practices, etc.)
  
'''Ballot spreadsheet for V3_PSAF_R1_N1_2018 MAY'''
+
* Question: are healthcare organizations capable able to support labeling of healthcare data?
* Bernd
+
** (per Alex 'no' )
 +
** labeling is probably not required if no exchange is occurring between enterprises/cross border
 +
** beyond that, most organizations will not know how to label data in regard to GDPR
 +
* lots of room for interpretation
 +
 
 +
* There is need for useful work - mapping has been initiated; possible use cases, FHIR support --
 +
<<link to PPT by Alex on GDPR>>
 +
Call: Monday 10AM Eastern <<add link to meeting information>>
 +
* <<add Google Doc link >> - editing rights can be obtained by John Moehrke
 +
 
 +
'''Ballot spreadsheet for V3_PSAF_R1_N1_2018 MAY''' <<add link>>
 +
* Bernd  
 +
* Bulk of comments were questions on editing,
 +
** moving illustrations (do not appear to align), editing text, introduction (i.e. normative vs. informative clarification within the document)
 +
* Chris Hills group (IPO) had issues primary on editorial information which may warrant discussion
 +
* Patty Craig (joint commission) typically looking at quality measures; code systems
 +
** initial discussion on code SNOMED/code sets to HCS; mapping of codes on the data to sensitivity based on policy
 +
* Ballot Reconciliation: Separate call to be created/information to be sent to Security list serve
 +
 
 +
G

Revision as of 19:56, 29 May 2018

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John Moehrke Security Co-chair x Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis . David Staggs
x Diana Proud-Madruga x Francisco Jauregui x Joe Lamy . Greg Linden
. Rhonna Clark . Grahame Grieve . Johnathan Coleman . [mailto: Matt Blackman, Sequoia]
. Mohammed Jafari x Jim Kretz . Peter Bachman x Dave Silver
. Beth Pumo . Bo Dagnall . Riki Merrick . Theresa Connor

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of May 1st minutes (last call prior to WGM call cancellations)
  3. (5 min) Review and Approval of Cologne WGM Security Minutes
  4. (15 min) Cologne GDPR Connectathon Report Out & Interim Work Plans on FHIR GDPR IG - Alex, John, Kathleen
  5. (15 min) TF4FA Normative Ballot Reconciliation Spreadsheet]Vote Summary Report and disposition work session - Kathleen

Meeting Material



Meeting Minutes (DRAFT)

Roll Call take, Chris Shawn (chairing)

'Approval of meeting minutes from 5/1/2018 - confirm date) No Discussion Motion: Suzanne/Kathleen Vote: Objections: none, Abstentions: none; Approved: 6

Approval of Cologne Minutes

Motion to approve (Kathleen/Suzanne) Objections: none; Abstentions: none; approved: 8

Cologne GDPR Connectathon

  • suggestion made to move this agenda item to next week when involved persons are abailvel
  • meeting held 25 May;
  • lots of interested at WGM, connectathon track and continued at several WG session
  • how will HL7 (with FHIR focus) can support the implementation of GDPR
    • includes beset practices
    • which HL7 artifacts, concepts, FHIR resources, can be used to fulfill support GDPR
    • spreadsheet started with knowledge
      • mapping, FHIR resources, content being completed
      • initial meeting FHIR support of GDPR
  • currently operational -
  • implications of FHIR
    • many organizations are already prepared, but not completed with their measurements/set-up
  • PPT by lawyer in Brussels <<link ?>>
  • HL7 would like to come up with guidance (audit resources? Security? best practices, etc.)
  • Question: are healthcare organizations capable able to support labeling of healthcare data?
    • (per Alex 'no' )
    • labeling is probably not required if no exchange is occurring between enterprises/cross border
    • beyond that, most organizations will not know how to label data in regard to GDPR
  • lots of room for interpretation
  • There is need for useful work - mapping has been initiated; possible use cases, FHIR support --

<<link to PPT by Alex on GDPR>> Call: Monday 10AM Eastern <<add link to meeting information>>

  • <<add Google Doc link >> - editing rights can be obtained by John Moehrke

Ballot spreadsheet for V3_PSAF_R1_N1_2018 MAY <<add link>>

  • Bernd
  • Bulk of comments were questions on editing,
    • moving illustrations (do not appear to align), editing text, introduction (i.e. normative vs. informative clarification within the document)
  • Chris Hills group (IPO) had issues primary on editorial information which may warrant discussion
  • Patty Craig (joint commission) typically looking at quality measures; code systems
    • initial discussion on code SNOMED/code sets to HCS; mapping of codes on the data to sensitivity based on policy
  • Ballot Reconciliation: Separate call to be created/information to be sent to Security list serve

G