This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "October 16, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 72: Line 72:
 
Chair, TBD
 
Chair, TBD
 
Roll Taken, Agenda reviewed, updates made as requested
 
Roll Taken, Agenda reviewed, updates made as requested
 
+
*Motion to approve 9/18 meeting minutes
Motion to approve 9/18 meeting minutes
+
*Move / Second 0-0-0
(Suzanne to add link to ballot spreadsheet)
 
Vote: Abstain: none; oppose: none approve: 9
 
 
 
 
 
'''GDPR whitepaper on FHIR Update'''
 
* weekly Monday meeting cancelled this week
 
* meeting to be held at WGM on Sunday
 
 
 
 
'''TF4FA Ballot Reconciliation'''  
 
'''TF4FA Ballot Reconciliation'''  
 
* [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20180918_sgw.xlsm Spreadsheet for 9/18]
 
* [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20180918_sgw.xlsm Spreadsheet for 9/18]
Reviewed Ballot comments: 90-99
+
Reviewed Ballot comments: 129 - 161 for vote next week 10/23.
* Motion to approve ballot comments #90-99 as presented) Mike / Suzanne
 
** Vote: Abstain: none  Oppose: none  Approve: 9
 
* Please review ballot comments #100-106 for vote next week
 
 
 
 
 
 
'''PASS Audit document update'''
 
'''PASS Audit document update'''
* no update
 
* plan to work on document post ballot reconciliation during WGM
 
 
 
'''Volume 3'''
 
'''Volume 3'''
* Document progress made
+
'''Security WG 3 Year Plan'''
* Draft will be ready to discuss at the WGM
+
'''Securithy Confluence '''
* Kathleen mentioned that digital ledger technology may be introduced---wherein Volume 3 may shed some light on that (whether we need an ISO V2 Provenance)
+
'''FHIR Security Update'''
* 21 century CURES
+
'''GDPR whitepaper on FHIR Update'''
* see outline above in Meeting Materials
 
** finding a way to satisfy 21 CURES....
 
** Privacy and Security capability/ to assist making decision to approach privacy and security for systems they would buy
 
* the reason Kathleen is pushing is because its recognized in ISA; someone in IHE, vendor or other could look this as embedding privacy and security…
 
  
 
==(see 19:00)==
 
==(see 19:00)==

Revision as of 16:47, 9 October 2018

Back to Security Main Page

Attendees

Back to Security Main Page

x Member Name x Member Name x Member Name x Member Name
. John Moehrke Security Co-chair x Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
. Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis x David Staggs
x Diana Proud-Madruga . Johnathan Coleman x Francisco Jauregui x Joe Lamy
. Rhonna Clark . Greg Linden . Grahame Grieve x Dave Silver
. Beth Pumo x Jim Kretz . Peter Bachman . Bo Dagnall
. [mailto: ] . [mailto: ] . [mailto: ] . [mailto: ]

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of Minutes
  3. (10 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
  4. (10 min) TF4FA Trust Framework, Volume 3 - Update Mike, Chris
  5. (05 min) Review Security WG 3 Year Plan - Kathleen
  6. (05 min) Check out Security WG Confluence site - Kathleen
  7. (10 min) FHIR Security Update - John
  8. (05 min) GDPR whitepaper on FHIR Update - Alex

Back to Security Main Page

Meeting Materials

Back to Security Main Page

Meeting Minutes DRAFT

Chair, TBD Roll Taken, Agenda reviewed, updates made as requested

  • Motion to approve 9/18 meeting minutes
  • Move / Second 0-0-0

TF4FA Ballot Reconciliation

Reviewed Ballot comments: 129 - 161 for vote next week 10/23. PASS Audit document update Volume 3 Security WG 3 Year Plan Securithy Confluence FHIR Security Update GDPR whitepaper on FHIR Update

(see 19:00)

  • ONC is implementing this comment agreement....
    • article 4000? 4002 (per Mike)
    • in response to that ONC has responded with comments to TEFCA
    • V2 is imminent - the response should be coming soon. possibly around the time of the WGM we have may have available for release
  • we have comments from first TEFCA version
    • federal partners WG joined to provide comments for TEFCA for where we would like to see it go.
    • we know that the original TEFCA is out and comments made, we need to see the next version based on the comments received
  • Kathleen in RFI looks like they are asking for a particular portion of the RFI for reporting on EHR programs. that is complementary probably--does anyone--are people okay with this list going in the PAC as recommendations for this WG (security)
  • see bulleted section at bottom
    • where to look for security and privacy support
    • the response from 'us' is in security labeling --we need more than just to support it---but why we feel this is relative.
    • the bullet points could use a little more justification
  • Kathleen feels we should also add maybe: RBAC, audit, ABAC, … others

(see 25:00)

We are supporting the adoption of SAMHSA consent2share - but we didn’t' say support adoption of questionnaire or contracts... an HL7 thing (this is a SAMHSA thing); you need to add an HL7 hook

Confluence site

  • front page of confluence will tell you how to get in, etc.,
  • there are other WGs who have templates, etc. for meeting minutes
  • Agendas are using it... attempt to migrate out of wiki;
  • should be easier for collaborations, edits can be done directly, etc.
  • Questions?
  • will add agenda item at WGM

ISA Comments:

Review ISA for Security and Privacy Concerns PPT <<add link>>

  • HealthIT.gov; Remote Patient Authorization and Submission of EHR Data for Research aka "Right of Access"

Update to Baltimore Agenda Tuesday Q4 - update to MiHIN presentation on how they are using Consent, Lloyd and Grahame have been invited as they would like to bring up the three statements that David brought forward in CBCP.

  • moving Tuesday Q4 - Update of Volume 3 Draft (Mike) to TUES Q2 (replacing PASS Audit Ballot Reconciliation document updates which can be done offline

No additional discussion items brought forward


Note: No meeting on the 25th

Meeting adjourned at 1258 --Suzannegw (talk) 21:55, 19 September 2018 (EDT)

Back to Security Main Page