This wiki has undergone a migration to Confluence found Here
Difference between revisions of "April 21st 2009 Security Conference Call"
Jump to navigation
Jump to search
(→Agenda) |
|||
(5 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
*[[Security| Meeting Information]] | *[[Security| Meeting Information]] | ||
− | ==Attendees== | + | ==Attendees== |
− | + | # [mailto:sconnolly@apelon.com Steven Connolly] | |
− | + | # [mailto:gonzaleswebs@saic.com Suzanne Gonzales-Webb] CBCC Co-chair | |
− | + | # [mailto:rhamm@gmail.com Russ Hamm] | |
− | + | # [mailto:robert.horn@agfa.com Bob Horn] | |
− | + | # [mailto:djorgensen@inpriva.com Don Jorgensen] | |
− | + | # [mailto:glen.f.marshall@siemans.com Glen Marshall] Security Co-chair | |
− | + | # [mailto:rmcclure@apelon.com Rob McClure] | |
− | + | # [mailto:john.moehrke@med.ge.com John Moehrke] | |
− | + | # [mailto:milan.petkovic@phillips.com Milan Petkovik] | |
− | + | # [mailto:ppyette@perimind.com Pat Pyette] | |
− | + | # [mailto:dsperzel@apelon.com David Sperzel] | |
− | + | # [mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Co-chair | |
− | + | # [mailto:ioana@eversolve.com Ioana Singureanu] | |
− | + | # [mailto:weida@apelon.com Tony Weida] | |
− | |||
− | |||
− | |||
==Agenda== | ==Agenda== | ||
− | |||
− | #''(05 min)'' Roll Call | + | #''(05 min)'' Roll Call, Approve Minutes & Accept Agenda'' |
− | + | #''(55 min)'' '''Object Vocabulary - Q&A''' [http://hl7projects.hl7.nscee.edu/docman/view.php/59/2319/ObjectOntology.xls Object Ontology] ~ Steve Connolly | |
− | #''( | + | Note: Object List is a Normative spec published by ANSI in 2008 |
− | #''( | + | # Comments |
− | #''(5 min)'' '''Other Business''' | + | ## terms should not be deleted but deprecated with a note that states why the term is being changed (i.e. duplicate, substituted with another term) |
+ | ## Descriptive types notes, summary, report - we had to determine if there were consistency in each of these types. if they are well defined descriptions then we will have to deal with them in another way. We will need to determine singular or plural form of an object and how we portray that. (current list is not consistent) | ||
+ | ## 2a - terms lean toward verbiage that is common usage or possibly external code systems. | ||
+ | ### OpenEHR object vocabulary: Clinical Investigator Record Ontology" spreadsheet | ||
+ | ## another place to look would be in ActInformationCategory Code used in Canada and based on domain data. This would allow the information to blend. (X-type) | ||
+ | ## recapture some of the original confidentiality code outside of HL7 and it would be useful if all healthcare objects have the same vector and have the same naming here. | ||
+ | We are labeling things toward the type of information. When you label something for confidentiality you are labeling '''content''' i.e. type of data Lab Result, content - low white blood cell count which may indicate a disease and limited people may view. This is where patient preference may enter. (Security vs confidentiality differences, align respresentations between the two despite the differences) | ||
+ | (John/Glen) will be speaking offline | ||
+ | ## Bolded information ([[add link]] from RBACObjectVocabulary.xls) is added to clarify information needed to protect rather that confusion with a process | ||
+ | ## All objects have a level of sensitivity to them. | ||
+ | |||
+ | |||
+ | #''not discussed, moved forward to next week'' '''[http://wiki.hl7.org/index.php?title=Role-Based_Access_Control_%28RBAC%29_Use_Cases Security Use Cases]''' Ioana Singureanu/Steve Connolly | ||
+ | #''(5 min)'' '''Other Business''' None | ||
==Action Items== | ==Action Items== | ||
[[Security|Back to Meetings]] | [[Security|Back to Meetings]] |
Latest revision as of 18:14, 21 April 2009
Security Working Group Meeting
Attendees
- Steven Connolly
- Suzanne Gonzales-Webb CBCC Co-chair
- Russ Hamm
- Bob Horn
- Don Jorgensen
- Glen Marshall Security Co-chair
- Rob McClure
- John Moehrke
- Milan Petkovik
- Pat Pyette
- David Sperzel
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- Tony Weida
Agenda
- (05 min) Roll Call, Approve Minutes & Accept Agenda
- (55 min) Object Vocabulary - Q&A Object Ontology ~ Steve Connolly
Note: Object List is a Normative spec published by ANSI in 2008
- Comments
- terms should not be deleted but deprecated with a note that states why the term is being changed (i.e. duplicate, substituted with another term)
- Descriptive types notes, summary, report - we had to determine if there were consistency in each of these types. if they are well defined descriptions then we will have to deal with them in another way. We will need to determine singular or plural form of an object and how we portray that. (current list is not consistent)
- 2a - terms lean toward verbiage that is common usage or possibly external code systems.
- OpenEHR object vocabulary: Clinical Investigator Record Ontology" spreadsheet
- another place to look would be in ActInformationCategory Code used in Canada and based on domain data. This would allow the information to blend. (X-type)
- recapture some of the original confidentiality code outside of HL7 and it would be useful if all healthcare objects have the same vector and have the same naming here.
We are labeling things toward the type of information. When you label something for confidentiality you are labeling content i.e. type of data Lab Result, content - low white blood cell count which may indicate a disease and limited people may view. This is where patient preference may enter. (Security vs confidentiality differences, align respresentations between the two despite the differences) (John/Glen) will be speaking offline
- Bolded information (add link from RBACObjectVocabulary.xls) is added to clarify information needed to protect rather that confusion with a process
- All objects have a level of sensitivity to them.
- not discussed, moved forward to next week Security Use Cases Ioana Singureanu/Steve Connolly
- (5 min) Other Business None