This wiki has undergone a migration to Confluence found Here
Difference between revisions of "HL7 FHIR Security 2015-12-01"
Jump to navigation
Jump to search
(Created page with "Back to HL7 FHIR security topics ==Attendees== {| class="wikitable" |- ! ||'''Member Name'''|| !! ||'''Member Name''' !!|| ||'''Member Name''' !...") |
JohnMoehrke (talk | contribs) |
||
(10 intermediate revisions by 2 users not shown) | |||
Line 6: | Line 6: | ||
! ||'''Member Name'''|| !! ||'''Member Name''' !!|| ||'''Member Name''' !! | ! ||'''Member Name'''|| !! ||'''Member Name''' !!|| ||'''Member Name''' !! | ||
|- | |- | ||
− | ||||[mailto:jmoehrke@ge.med.com John Moehrke] Security Co-Chair | + | ||x||[mailto:jmoehrke@ge.med.com John Moehrke] Security Co-Chair |
− | ||||||[mailto:Kathleen_Connor@comcast.net Kathleen Connor] | + | |||x|||[mailto:Kathleen_Connor@comcast.net Kathleen Connor] |
− | ||||||[mailto: | + | |||x|||[mailto:suzanne.webb@engilitycorp.com Suzanne Gonzales-Webb] CBCC Co-Chair |
|- | |- | ||
− | ||||[mailto: | + | |||x|[mailto:gary.dickinson@ehr-standards.com Gary Dickinson] EHR Co-Chair |
− | ||||||[mailto: | + | ||||||[mailto:jc@securityrs.com Johnathan Coleman]CBCC Co-Chair |
− | ||||||[mailto: | + | |||x|||[mailto:Judith.Fincher@va.gov Judy Fincher] |
|- | |- | ||
− | ||||[mailto: | + | ||||[mailto:rgelzer@provider-resources.com Reed Gelzer] RM-ES Lead |
− | ||||||[mailto: | + | |||x|||[mailto:gfm@securityrs.com Glen Marshal] |
− | ||||||[mailto: | + | |||x|||[mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney] |
|- | |- | ||
− | ||||[mailto: | + | |||x|[mailto:dsilver@electrosoft-inc.com Dave Silver] |
− | |||
− | |||
− | |||
− | |||
||||||[mailto:???] | ||||||[mailto:???] | ||
||||||[mailto:???] | ||||||[mailto:???] | ||
|- | |- | ||
+ | |||
+ | |} | ||
==Agenda== | ==Agenda== | ||
+ | |||
+ | Kathleen | ||
+ | |||
+ | *[http://wiki.hl7.org/index.php?title=HL7_FHIR_Provenance_Resource&action=edit§ion=4 Review ProvenanceEvent value set] | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9051 9051] Remove AuditEvent.participant.role binding to http://hl7.org/fhir/ValueSet/dicm-402-roleid. Bind this value set to AuditEvent.particpant.userid (Kathleen Connor) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9042 9042] Add RBAC as value set for AuditEvent.participant.role (Kathleen Connor) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9043 9043] Add ABAC as alternative value set for AuditEvent.participant.role (Kathleen Connor) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9052 9052] Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role (Kathleen Connor) None | ||
+ | |||
+ | Related to RBAC | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=3318 3318] Clarify how to use RBAC and ABAC using FHIR (John Moehrke) Considered for Future Use | ||
+ | |||
+ | To Discuss | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9056 9056] Provenance for multiple activities (John Moehrke) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7598 7598] 2015May core #889 - Can Provenance apply to a resource or just a data element (Ioana Singureanu) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9078 9078] HTTP Caching Warning for FHIR GET REST services (Kathleen Connor) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=8638 8638] how does Provenance work when deleting records (Grahame Grieve) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7597 7597] 2015May core #888 - This resource is missing any reference to the "action" performed on the entity. Is there a default "create" action or is it an omission? (Ioana Singureanu) Considered for Future Use | ||
+ | |||
+ | Other Open | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=6303 6303] Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7563 7563] 2015May core #854 - Expand on how to use Provenance (Kathleen Connor) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7567 7567] 2015May core #858 - Provenance isn't sufficiently aligned with w3c spec (Kathleen Connor) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7568 7568] 2015May core #859 - How are agent and activity linked? (Kathleen Connor) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7569 7569] 2015May core #860 - Clarify relationship agents and entities used in activity (Kathleen Connor) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7570 7570] 2015May core #861 - Clarify relationship agents and entities used in activity (Kathleen Connor) Considered for Future Use | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=8731 8731] Canonicalization for signatures (Lloyd McKenzie) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=8738 8738] Unapplied QA changes around security and services (Michelle Miller) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=8790 8790] Give guidance on AuditEvent that codes don't need DisplayName populated (Paul Knapp) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=8803 8803] Provenance for a subset of a resource (Chris Grenz) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=8827 8827] Signature datatype does not include counter-signature type (John Moehrke) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9035 9035] AuditEvent harmonizing with Provenance (John Moehrke) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9036 9036] Handling of meta values that should force version, such as security_labels (John Moehrke) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9037 9037] Security page should recognize HEART (John Moehrke) None | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7752 7752] 2015May core #1073 - Replace value set with FHIR Signer Type value set (Kathleen Connor) Not Related | ||
==Minutes== | ==Minutes== | ||
+ | Main discussion was on the role of participant role id and approaches to aligning AuditEvent/Provenance Resources. | ||
+ | |||
+ | Approved: | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9056 9056] Provenance for multiple activities (John Moehrke) Persuasive -- Kathleen Connor / Glen Marshal: 5-0-0 | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=7598 7598] 2015May core #889 - Can Provenance apply to a resource or just a data element (Ioana Singureanu) Question Answered -- Kathleen Connor / Glen Marshal: 5-0-0 | ||
==Action Items== | ==Action Items== | ||
+ | Continue discussion 12-08. |
Latest revision as of 20:35, 15 December 2015
Back to HL7 FHIR security topics
Contents
Attendees
Member Name | Member Name | Member Name | ||||||
---|---|---|---|---|---|---|---|---|
x | John Moehrke Security Co-Chair | x | Kathleen Connor | x | Suzanne Gonzales-Webb CBCC Co-Chair | |||
Gary Dickinson EHR Co-Chair | Johnathan ColemanCBCC Co-Chair | x | Judy Fincher | |||||
Reed Gelzer RM-ES Lead | x | Glen Marshal | x | Galen Mulrooney | ||||
Dave Silver | [1] | [2] |
Agenda
Kathleen
- Review ProvenanceEvent value set
- 9051 Remove AuditEvent.participant.role binding to http://hl7.org/fhir/ValueSet/dicm-402-roleid. Bind this value set to AuditEvent.particpant.userid (Kathleen Connor) None
- 9042 Add RBAC as value set for AuditEvent.participant.role (Kathleen Connor) None
- 9043 Add ABAC as alternative value set for AuditEvent.participant.role (Kathleen Connor) None
- 9052 Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role (Kathleen Connor) None
Related to RBAC
- 3318 Clarify how to use RBAC and ABAC using FHIR (John Moehrke) Considered for Future Use
To Discuss
- 9056 Provenance for multiple activities (John Moehrke) None
- 7598 2015May core #889 - Can Provenance apply to a resource or just a data element (Ioana Singureanu) Considered for Future Use
- 9078 HTTP Caching Warning for FHIR GET REST services (Kathleen Connor) None
- 8638 how does Provenance work when deleting records (Grahame Grieve) None
- 7597 2015May core #888 - This resource is missing any reference to the "action" performed on the entity. Is there a default "create" action or is it an omission? (Ioana Singureanu) Considered for Future Use
Other Open
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) Considered for Future Use
- 7563 2015May core #854 - Expand on how to use Provenance (Kathleen Connor) Considered for Future Use
- 7567 2015May core #858 - Provenance isn't sufficiently aligned with w3c spec (Kathleen Connor) Considered for Future Use
- 7568 2015May core #859 - How are agent and activity linked? (Kathleen Connor) Considered for Future Use
- 7569 2015May core #860 - Clarify relationship agents and entities used in activity (Kathleen Connor) Considered for Future Use
- 7570 2015May core #861 - Clarify relationship agents and entities used in activity (Kathleen Connor) Considered for Future Use
- 8731 Canonicalization for signatures (Lloyd McKenzie) None
- 8738 Unapplied QA changes around security and services (Michelle Miller) None
- 8790 Give guidance on AuditEvent that codes don't need DisplayName populated (Paul Knapp) None
- 8803 Provenance for a subset of a resource (Chris Grenz) None
- 8827 Signature datatype does not include counter-signature type (John Moehrke) None
- 9035 AuditEvent harmonizing with Provenance (John Moehrke) None
- 9036 Handling of meta values that should force version, such as security_labels (John Moehrke) None
- 9037 Security page should recognize HEART (John Moehrke) None
- 7752 2015May core #1073 - Replace value set with FHIR Signer Type value set (Kathleen Connor) Not Related
Minutes
Main discussion was on the role of participant role id and approaches to aligning AuditEvent/Provenance Resources.
Approved:
- 9056 Provenance for multiple activities (John Moehrke) Persuasive -- Kathleen Connor / Glen Marshal: 5-0-0
- 7598 2015May core #889 - Can Provenance apply to a resource or just a data element (Ioana Singureanu) Question Answered -- Kathleen Connor / Glen Marshal: 5-0-0
Action Items
Continue discussion 12-08.