This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "August 14, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(3 intermediate revisions by the same user not shown)
Line 2: Line 2:
  
 
==Attendees==
 
==Attendees==
 
meeting recording temporary:  hhttps://fccdl.in/7ooU0lXS9I
 
  
 
{| class="wikitable"
 
{| class="wikitable"
Line 9: Line 7:
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member Name'''  
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member Name'''  
 
|-
 
|-
||  x|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair
+
||  .|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair
 
||||.|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair  
 
||||.|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair  
 
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
Line 42: Line 40:
 
|-
 
|-
 
|}
 
|}
 +
 +
Joe L, Mike, chris shawn dave s, david stags, diana, Francisco, jim K
  
 
=='''Agenda'''==
 
=='''Agenda'''==
Line 65: Line 65:
 
Chair: Chris Shawn
 
Chair: Chris Shawn
  
Roll taken
+
Roll taken, no additions made to agenda
 
 
GDPR whitepaper on FHIR update;
 
* Link to Rene Spronk's GDPR presentation  https://vimeo.com/267769545 password GDPR (4 capitals) approx. 30 min long.
 
  
MOTION made : to be a co-sponsor for PSS as presented (Suzanne/MIke)
+
'''GDPR whitepaper on FHIR update'''
objections: none; abstentions: none; motion approved:
+
* Link to Rene Spronk's GDPR presentation: https://vimeo.com/267769545 password GDPR (4 capitals) approx. 30 min long.
 +
* highly recommended by Mike Davis
  
 +
'''PSS'''
 +
MOTION made:  For Security to be a co-sponsor for PSS linked as presented (Suzanne/MIke)
 +
objections: none; abstentions: none; motion approved: 10
  
MOTION to approve block of TF4FA comments 24-41 (Suzanne/Mike)
+
'''TF4FA Ballot reconciliation'''
objections: none; abstentions: none; motion approved:
+
MOTION: To approve block of TF4FA ballot comments 25-41 (Suzanne/Mike)
 +
objections: none; abstentions: none; motion approved: 10
  
additional meeting today, 42-51 comments ballot resolutions completed
+
* Sub-Groups meeting earlier on Tuesdays,
 +
*  Comments 42-51 ballot resolutions completed today
  
 
+
'''PASS Audit''' document update
PASS Audit:
 
 
* No update on AUDIT
 
* No update on AUDIT
  
 
+
'''TF4FA Trust Framework - Volume 3'''
TF4FA Trust Framework Volume 3
+
* Met this week to discuss; understand that there is a great deal of interested in Provenance
* met this week to discuss; understanding that there is a great deal of interested fro FHIR
 
 
 
 
* reviewed by Kathleen with complements
 
* reviewed by Kathleen with complements
*plan to present at the September WGM, balloting in January
+
* plan to present document update at the September WGM, balloting in January
* docuoment will be put out to security listserve as soon as we can for review (pre-ballot)
+
* added to WGM, Security-CBCP Q3/Q4 MON joint session
* presented major graphics at the security WG, its a matter of filling in the content
+
* Document will be put out to Security and CBCP listserve as soon as we can for review (pre-ballot)
 +
* presented major graphics at the Security WG, its a matter of filling in the content
 +
* no questions
  
Privacy Obsolete
+
'''Privacy Obsolete'''
* plan to present ata the security WGM
+
* Plan to present results at the WGM,(added to the joint agenda CBCP-Security MON Q3/Q4 joint meeting)
* add to the joint agenda CBCP-Security
+
* there is a tremendous amount of information being gathered (enough for 3+ years)
*there is a tremendous amount of information being gathered (enough for 3+ years)
+
** trying to narrow it down and make resources available
** trying to narrow it down and make resources avialbe that we have to make sometables that summarize the vectors that we
+
** We have to make some tables that summarize the principal vectors that we were looking at
** technology, policy viewpoints
+
*** i.e. technology, policy viewpoints
** we will most likely not have a conclusion, but information can be evalutated (US:good luck, EU:better, etc)
+
** we will most likely not have a definitive conclusion, but information can be evaluated, its very specific to what country you're living (i.e.US:good luck, EU:better, etc)
* Mike does not feel that its obsolete--that's what the paper will draw out
+
* Mike does not feel that its obsolete--that's what the paper will draw out, that there are a lot of challenges
 
** PPT given at May 2018 meeting which will be very close to where we are at
 
** PPT given at May 2018 meeting which will be very close to where we are at
  
Baltimore WGM Agenda
+
'''Baltimore WGM Agenda'''
* add TUE Q4 - update PSAF Working Session to PSAF/TF4FA Volume 3 Working Session)
+
* Added to TUE Q4 - Update TO PSAF Working Session to PSAF/TF4FA Volume 3 Working Session)
* move from TUE Q1 (TF4FA - volume 3)
+
** (Move from TUE Q1 (TF4FA - Volume 3) for additional discussion time)
* DISCUSSIONS on major changes in FHIR (from experts) ; full quarter
+
* DISCUSSIONS on major changes in FHIR (from experts) ; full quarter desired for overview discussion
** changes expected to see. something in between FHIR for DUMMIES and FHIR for TECHNICAL discussion
+
** discussion/report out of changes expected to see. Something in between FHIR for DUMMIES and FHIR for TECHNICAL discussion
** drill down of activities  (TUE Q3 entire quarter)
+
** Drill down of activities   
 +
* suggest to add to (TUE Q3 entire quarter)
  
 
+
'''NEW AGENDA ITEM'''
Joe L, Mike, chris shawn dave s, david stags, diana, Francisco, jim K
 
 
* Mike mentioned that a few folk have been close to the TEFCA;  
 
* Mike mentioned that a few folk have been close to the TEFCA;  
 +
** add discussion around TEFCA; anticipating that ONC will put something out/next version (suggested:
 
** TEFCA update; more than what does TEFCA and its acronym mean...  
 
** TEFCA update; more than what does TEFCA and its acronym mean...  
*** in the US the Feds have been involved in their own wg to make TEFCA recommendations and concerns
+
*** in the US the Feds have been involved in their own Working Group to make TEFCA recommendations and express concerns
*** if we have an opportunity to talk to that; more than 10 minutes
+
*** if we have an opportunity to talk to that; (more than 10 minutes)
** schedule a Q on TEFCA; invite ONC, VA, IHS, CMS, SS, DoD (US Federal Agencies)
+
** schedule a Q on TEFCA; invite ONC, VA, IHS, CMS, SSA, DoD (US Federal Agencies)
 
*** issues around the TEFCA that is of interest to HL7
 
*** issues around the TEFCA that is of interest to HL7
# finishing up of POU; current  TEFCA has defined POU, but is different.... some states have need for EMergeny access, which is not part of TEFCA; HL7 needs to do a better job of promoting..standards based and not 'made up' by verticlas (TEFCA has its own, VA has its own, DURSA has its own); we want to coax ONC into adopting the HL7 standards;
+
# finishing up of POU; current  TEFCA has defined POU, but is different.... some states have need for Emergency access/not currently authorized, which is not part of TEFCA; HL7 needs to do a better job of promoting...making TEFCA standards based and not 'made up' by verticles (TEFCA has its own, VA has its own, DURSA has its own); we want to coax ONC into adopting the HL7 standards;
 
* because we are very willing to put into th voca into the vertical; Sequoa, CommenWell or whomever
 
* because we are very willing to put into th voca into the vertical; Sequoa, CommenWell or whomever
 +
 +
'''NEW AGENDA ITEM'''
 
* OASIS Update to XSPA-SAML (add to Q3 Q4 joint) as part of international standards
 
* OASIS Update to XSPA-SAML (add to Q3 Q4 joint) as part of international standards
 
  
 
Motion to Adjourn: (Suzanne)
 
Motion to Adjourn: (Suzanne)
 
Meeting adjourned at 1234 Arizona Time  --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:35, 14 August 2018 (EDT)
 
Meeting adjourned at 1234 Arizona Time  --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:35, 14 August 2018 (EDT)

Latest revision as of 20:47, 28 August 2018

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John Moehrke Security Co-chair . Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis x David Staggs
x Diana Proud-Madruga x Francisco Jauregui x Joe Lamy . Greg Linden
. Rhonna Clark . Grahame Grieve . Johnathan Coleman . [mailto: Matt Blackman, Sequoia]
. Mohammed Jafari x Jim Kretz . Peter Bachman x Dave Silver
. Beth Pumo . Bo Dagnall . Riki Merrick . [mailto: Julie Maas]

Joe L, Mike, chris shawn dave s, david stags, diana, Francisco, jim K

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of:
  3. (5 min) GDPR whitepaper on FHIR update - Alex, John, Kathleen
  4. (5 min) PSS Review and Vote Cross Paradigm Interoperable Implementation IG PSS
  5. (5 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
  6. (10 min) PASS Audit post ballot reconciliation document update - Mike
  7. (05 min) TF4FA Trust Framework Volume 3 (placeholder) - Mike, Chris
  8. Is Privacy Obsolete - Mike
  9. (05 min) Placeholder: HL7 WGM Baltimore planning

Back to Security Main Page

Meeting Minutes (DRAFT)

Chair: Chris Shawn

Roll taken, no additions made to agenda

GDPR whitepaper on FHIR update

  • Link to Rene Spronk's GDPR presentation: https://vimeo.com/267769545 password GDPR (4 capitals) approx. 30 min long.
  • highly recommended by Mike Davis

PSS MOTION made: For Security to be a co-sponsor for PSS linked as presented (Suzanne/MIke) objections: none; abstentions: none; motion approved: 10

TF4FA Ballot reconciliation MOTION: To approve block of TF4FA ballot comments 25-41 (Suzanne/Mike) objections: none; abstentions: none; motion approved: 10

  • Sub-Groups meeting earlier on Tuesdays,
  • Comments 42-51 ballot resolutions completed today

PASS Audit document update

  • No update on AUDIT

TF4FA Trust Framework - Volume 3

  • Met this week to discuss; understand that there is a great deal of interested in Provenance
  • reviewed by Kathleen with complements
  • plan to present document update at the September WGM, balloting in January
  • added to WGM, Security-CBCP Q3/Q4 MON joint session
  • Document will be put out to Security and CBCP listserve as soon as we can for review (pre-ballot)
  • presented major graphics at the Security WG, its a matter of filling in the content
  • no questions

Privacy Obsolete

  • Plan to present results at the WGM,(added to the joint agenda CBCP-Security MON Q3/Q4 joint meeting)
  • there is a tremendous amount of information being gathered (enough for 3+ years)
    • trying to narrow it down and make resources available
    • We have to make some tables that summarize the principal vectors that we were looking at
      • i.e. technology, policy viewpoints
    • we will most likely not have a definitive conclusion, but information can be evaluated, its very specific to what country you're living (i.e.US:good luck, EU:better, etc)
  • Mike does not feel that its obsolete--that's what the paper will draw out, that there are a lot of challenges
    • PPT given at May 2018 meeting which will be very close to where we are at

Baltimore WGM Agenda

  • Added to TUE Q4 - Update TO PSAF Working Session to PSAF/TF4FA Volume 3 Working Session)
    • (Move from TUE Q1 (TF4FA - Volume 3) for additional discussion time)
  • DISCUSSIONS on major changes in FHIR (from experts) ; full quarter desired for overview discussion
    • discussion/report out of changes expected to see. Something in between FHIR for DUMMIES and FHIR for TECHNICAL discussion
    • Drill down of activities
  • suggest to add to (TUE Q3 entire quarter)

NEW AGENDA ITEM

  • Mike mentioned that a few folk have been close to the TEFCA;
    • add discussion around TEFCA; anticipating that ONC will put something out/next version (suggested:
    • TEFCA update; more than what does TEFCA and its acronym mean...
      • in the US the Feds have been involved in their own Working Group to make TEFCA recommendations and express concerns
      • if we have an opportunity to talk to that; (more than 10 minutes)
    • schedule a Q on TEFCA; invite ONC, VA, IHS, CMS, SSA, DoD (US Federal Agencies)
      • issues around the TEFCA that is of interest to HL7
  1. finishing up of POU; current TEFCA has defined POU, but is different.... some states have need for Emergency access/not currently authorized, which is not part of TEFCA; HL7 needs to do a better job of promoting...making TEFCA standards based and not 'made up' by verticles (TEFCA has its own, VA has its own, DURSA has its own); we want to coax ONC into adopting the HL7 standards;
  • because we are very willing to put into th voca into the vertical; Sequoa, CommenWell or whomever

NEW AGENDA ITEM

  • OASIS Update to XSPA-SAML (add to Q3 Q4 joint) as part of international standards

Motion to Adjourn: (Suzanne) Meeting adjourned at 1234 Arizona Time --Suzannegw (talk) 15:35, 14 August 2018 (EDT)

Retrieved from "https://wiki.hl7.org/w/index.php?title=August_14,_2018_Security_Conference_Call&oldid=160432"