This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "February 02, 2016 CBCC Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 112: Line 112:
 
'''Approval of Meeting Minutes for January 26'''
 
'''Approval of Meeting Minutes for January 26'''
  
Objections: none; Abstentions: 0 ; Approval: 7
+
Objections: None; Abstentions: 0; Approval: 7
  
 
'''BH DAM'''
 
'''BH DAM'''
working with looking to the in relation to the privacy...?
 
looking at issues
 
putting the publication in front of a technical writer, once feedback reviewed will submit to HL7 publication
 
all comment addressed, no substantive changes
 
once
 
  
 +
* Project participants are updating the behavioral health model based on the privacy consent directives work and addressing issues with the HTML code. They also made the publication available to a technical writer for help with the language.
 +
* All comments have been addressed and there are no substantive changes.
 +
* Once the technical writer provides feedback, project leaders will submit the BH DAM for publication by each group.
  
'''HACC'''
+
'''Healthcare Security and Privacy Access Control Catalog'''
  
No update
+
* No update. Reminder sent to Nancy Orvis to withdraw DoD's negative vote after DoD reviews proposed resolution responses on ballot reconciliation sheet.
  
 
'''DPROV'''
 
'''DPROV'''
  
No update
+
* Johnathan announced that the S&I Framework DProv meeting this week will feature a walkthrough of the DSTU by Kathleen.
 
 
S&I reviewing the DPROV update, nothing new. but letting everyone know and talk through it for the audience to get a better understanding about what it is about.
 
  
 
'''PASS Access Control'''
 
'''PASS Access Control'''
  
In touch with Alex Mense, one comment needs clarification from Bernd, otherwise completed with reconciliation and updates to document
+
* Diana remains in touch with Alex Mense, who will summarize/clarify one comment from Bernd Blobel and return it to Diana; otherwise, reconciliation and updates to document are complete.
 
 
'''Joint EHR
 
  
meeting this AM
+
'''Joint EHR, Security, Privacy Vocabulary Alignment'''
  
* presentation on the model created based on the provenance modeling
+
* At this morning's meeting, Mike presented models for terms based on the provenance modeling system. Diana described where the terms came from and identified the reason for the divergence in the terms between DICOM and ISO 21089.
* definitions found for the Lifecycle values that are found in DICOM in anticipation of harmonization proposal for FHIR
 
* next step is continuing with the modeling and prep for the harmonization proposal for the definitions
 
* Kathleen has comments issues) with the codes, where the definitions come from RBAC but are already in data operations code systems.  we may be able to get away for code systems for life cycles and having a value set for life cycles to pull in the data operations.
 
** ISO, vocab WG guidance needed
 
  
 
'''Privacy by Design Discussion'''
 
'''Privacy by Design Discussion'''
  
OASIS PbD committee attendance - edition and updating their specification
+
OASIS PbD committee is editing and updating their PbD spec
 
 
* high level PbD principals to prescribe...
 
* the spec allows once to do is effect privacy, minimizing risk
 
  
* any interest in leveraging  the guidance and requirements
+
* any interest in leveraging  the guidance and requirements?
 
** focus on privacy
 
** focus on privacy
 
** ongoing projects (?), current projects which may benefit to provide feedback/input to leverage the work already done in the spec
 
** ongoing projects (?), current projects which may benefit to provide feedback/input to leverage the work already done in the spec
** we've spoken about this in the Security WG; the standards governance board (Pat VanDyke) and they were supportive. with the ARB to build a SAIF IG, leveraging the PbD spec. so that we get further  
+
** we've spoken about this in the Security WG; the standards governance board (Pat Van Dyke) was supportive. Work with the ArB to build a SAIF IG, leveraging the PbD spec. so that we get further  
 
* we have a green light to do this
 
* we have a green light to do this
** we need zHL7...
+
** meant to assist groups (i.e. FHIR) with a test script so that they are actually implementing privacy in FHIR
** progress to assist groups i.e. FHIR with a test script to be part of the quality requirements that they pass the test script so that they are actually implementing privacy in FHIR
 
  
it's a matter of how we want to move forward. security or CBCC to lead with ARB as supporting WG
+
It's a matter of how we want to move forward. Security or CBCC to lead with ArB as supporting WG?
  
* reach out to ARB (POC?) to make sure we have buy in with our PSS  
+
* reach out to ArB (POC?) to make sure we have buy-in with our PSS  
* divide work with CBCC doing overarching guidance, security working on test scripts and operationalizing it piece/risk assessment (divide the work)
+
* divide work with CBCC doing overarching guidance, Security working on test scripts and operationalizing it (risk assessment)
  
what distinguished PbD from other approaches of privacy.
+
What distinguishes PbD from other approaches to privacy?
  
* more in the software engineering realm of privacy where software engineering are... with respect to...  what they produce confirms with privacy protecting high level principals that are out there. framework for privacy, internationally approved and accepted. further detail into the software engineering portion that makes the documentation confirm w privacy principals (Seven high level principals); in developing area; framework has been approved internationally.
+
* more in the software engineering realm of privacy where software engineering what software engineers produce conforms with privacy-protecting high level principles that are out there. It's a framework for privacy, internationally approved and accepted. Further detail into the software engineering portion that makes the documentation conform with privacy principles (7 high level principles).
  
 
* documentation from a high level perspective (Rick will post)
 
* documentation from a high level perspective (Rick will post)
 
* UMA and HEART in Kantara did a privacy by design analysis
 
* UMA and HEART in Kantara did a privacy by design analysis
  
* definitely move forward with the PbD work, natural tie in with the work that security is already working on
+
* definitely move forward with the PbD work, natural tie-in with the work that Security is already working on
 
** recommend co-sponsorship
 
** recommend co-sponsorship
  
PSS to be started by Rick and Suzanne
+
* PSS to be started by Rick and Suzanne, who will email the OASIS Privacy by Design (PbD) co-chairs an invite to next week's CBCC meeting so that they can brief the group on Privacy by Design and what it entails, and then outline how OASIS brought PbD to the stage of an OASIS technical committee. They will then cover the activities of the PbD committee.
 
 
ask OASIS of PbD to give us information, give us a direction on where they’re going with the spec. what are they doing in OASIS; have them attend our CBCC meeting (Chair Anne Kabukian sp?)
 
  
is the goal of the PSS to create a healthcare profile of the oasis work?
+
Is the goal of the PSS to create a healthcare profile of the OASIS work?
  
* the okay we would create a SAIF-compliant is a healthcare related, w security by design... for those who claim conformance...and operationalize
+
* we would create a SAIF-compliant IG that is healthcare-related, with security by design factored in as well - for those who claim conformance - and operationalize it
  
Meeting adjourned at 12:36 AZT
+
''Meeting adjourned at 12:36 AZT''

Latest revision as of 18:34, 9 February 2016

Community-Based Collaborative Care Working Group Meeting

Back to CBCC Main Page

Meeting Information

Attendees

Member Name x Member Name x Member Name
x Johnathan ColemanCBCC Co-Chair x Suzanne Gonzales-Webb CBCC Co-Chair x Jim Kretz CBCC Co-Chair
. Max Walker CBCC Co-Chair x Mike Davis Security Co-Chair John Moehrke Security Co-Chair
x Kathleen Connor Ken Salyards CBCC Interim Co-Chair Lori Simon CBCC Interim Co-Chair
x Diana Proud-Madruga SOA Interim Co-Chair x Rick Grow . Harry Rhodes
x Serafina Versaggi x Ioana Singureanu x Glen Marshall
x Steve Eichner . Steve Daviss . Wende Baker
x Neelima Chennamaraja Lee Wise x Mike Lardiere
Reed Gelzer . Marlowe Greenberg Chris Clark, WV
. Paul Knapp . Matt Peeling Brian Newton
. William Kinsley Lisa Nelson . Amanda Nash
x Russell McDonell Susan Litton David Bergman
. Linda Bailey-Woods Debbie Bucci Chirag Bhatt
Oliver Lawless Keith Boone Lori McNeil Tolley
. Mohammed Jafari Rob Horn Gary Dickinson
Beth Pumo

Back to CBCC Main Page

Agenda

  1. (05 min) Roll Call, Approve Meeting Minutes from January 26, 2016 CBCC Conference Call
  2. (05 min) Behavioral Health Domain Analysis Model (HL7 BH DAM) Ballot Update
  3. (05 min) Healthcare Security and Privacy Access Control Catalog - Update post ballot
  4. (05 min) Data Provenance DPROV Update - (Standing Agenda Item) - Update
  5. (10 min) PASS Access Control Services Conceptual Model - (Standing agenda item) update (Diana)
  6. (10 min) Joint EHR, Security, Privacy Vocabulary Alignment - (Standing agenda item) update (Diana/Mike)
  7. (xx min) Privacy by Design Discussion
  8. Ballot Reconciliation for Consent Directive - pushed to next week (February 9 meeting)

Back to CBCC Main Page 

**New**  
FHIR Security Topics  in support of FHIM
Meeting Information:  Tuesdays 2:00PM PT/5:00PM ET
Phone: +1 770-657-9270, Participant Code: 994563 hosted by Security
Web meeting Info:   https://global.gotomeeting.com/join/520841173  
Discussion includes: Security - Audit, Provenance, Labels, Signature

**New Day Time!!** 
FHIR Consent Profile (FHIR Privacy IG)  FRIDAY 10AM PT / 12NOON ET hosted by CBCC
GoToMeeting information: https://global.gotomeeting.com/join/520841173 
Phone: +1 770-657-9270, Participant Code: 994563

Meeting Minutes (DRAFT)

Approval of Meeting Minutes for January 26

Objections: None; Abstentions: 0; Approval: 7

BH DAM

  • Project participants are updating the behavioral health model based on the privacy consent directives work and addressing issues with the HTML code. They also made the publication available to a technical writer for help with the language.
  • All comments have been addressed and there are no substantive changes.
  • Once the technical writer provides feedback, project leaders will submit the BH DAM for publication by each group.

Healthcare Security and Privacy Access Control Catalog

  • No update. Reminder sent to Nancy Orvis to withdraw DoD's negative vote after DoD reviews proposed resolution responses on ballot reconciliation sheet.

DPROV

  • Johnathan announced that the S&I Framework DProv meeting this week will feature a walkthrough of the DSTU by Kathleen.

PASS Access Control

  • Diana remains in touch with Alex Mense, who will summarize/clarify one comment from Bernd Blobel and return it to Diana; otherwise, reconciliation and updates to document are complete.

Joint EHR, Security, Privacy Vocabulary Alignment

  • At this morning's meeting, Mike presented models for terms based on the provenance modeling system. Diana described where the terms came from and identified the reason for the divergence in the terms between DICOM and ISO 21089.

Privacy by Design Discussion

OASIS PbD committee is editing and updating their PbD spec

  • any interest in leveraging the guidance and requirements?
    • focus on privacy
    • ongoing projects (?), current projects which may benefit to provide feedback/input to leverage the work already done in the spec
    • we've spoken about this in the Security WG; the standards governance board (Pat Van Dyke) was supportive. Work with the ArB to build a SAIF IG, leveraging the PbD spec. so that we get further
  • we have a green light to do this
    • meant to assist groups (i.e. FHIR) with a test script so that they are actually implementing privacy in FHIR

It's a matter of how we want to move forward. Security or CBCC to lead with ArB as supporting WG?

  • reach out to ArB (POC?) to make sure we have buy-in with our PSS
  • divide work with CBCC doing overarching guidance, Security working on test scripts and operationalizing it (risk assessment)

What distinguishes PbD from other approaches to privacy?

  • more in the software engineering realm of privacy where software engineering what software engineers produce conforms with privacy-protecting high level principles that are out there. It's a framework for privacy, internationally approved and accepted. Further detail into the software engineering portion that makes the documentation conform with privacy principles (7 high level principles).
  • documentation from a high level perspective (Rick will post)
  • UMA and HEART in Kantara did a privacy by design analysis
  • definitely move forward with the PbD work, natural tie-in with the work that Security is already working on
    • recommend co-sponsorship
  • PSS to be started by Rick and Suzanne, who will email the OASIS Privacy by Design (PbD) co-chairs an invite to next week's CBCC meeting so that they can brief the group on Privacy by Design and what it entails, and then outline how OASIS brought PbD to the stage of an OASIS technical committee. They will then cover the activities of the PbD committee.

Is the goal of the PSS to create a healthcare profile of the OASIS work?

  • we would create a SAIF-compliant IG that is healthcare-related, with security by design factored in as well - for those who claim conformance - and operationalize it

Meeting adjourned at 12:36 AZT

Retrieved from "https://wiki.hl7.org/w/index.php?title=February_02,_2016_CBCC_Conference_Call&oldid=114986"