Difference between revisions of "May 31, 2016 Security Conference Call"
(Created page with "Back to Security Work Group Main Page ==Attendees== {| class="wikitable" |- !x||'''Member Name'''|| !! x ||'''Member Name''' !!|| x ||'''Member Name''' !! |- ...") |
|||
(One intermediate revision by one other user not shown) | |||
Line 67: | Line 67: | ||
==Agenda '''DRAFT'''== | ==Agenda '''DRAFT'''== | ||
# ''( 5 min)'' '''Roll Call, Agenda Approval''' | # ''( 5 min)'' '''Roll Call, Agenda Approval''' | ||
− | # ''( 5 min)'' '''Approve deferred [http://wiki.hl7.org/index.php?title= | + | # ''( 5 min)'' '''Approve deferred [http://wiki.hl7.org/index.php?title=May_24,_2016_Security_Conference_Call#Minutes Security WG May 24, 2016 Minutes] |
# ''(05 min)'' '''Approval of [http://wiki.hl7.org/index.php?title=May_2016_Montreal_WGM_-_Security May 2016 Montreal WGM - Security Minutes]''' | # ''(05 min)'' '''Approval of [http://wiki.hl7.org/index.php?title=May_2016_Montreal_WGM_-_Security May 2016 Montreal WGM - Security Minutes]''' | ||
# ''(20 min)'' '''[http://gforge.hl7.org/gf/download/docmanfileversion/9274/14375/High%20Level%20Info%20Model%20v0%200%207%20JMD.vsd Update on the PSAF Security Policy model]''' - Mike | # ''(20 min)'' '''[http://gforge.hl7.org/gf/download/docmanfileversion/9274/14375/High%20Level%20Info%20Model%20v0%200%207%20JMD.vsd Update on the PSAF Security Policy model]''' - Mike | ||
Line 78: | Line 78: | ||
==Minutes== | ==Minutes== | ||
− | * | + | *Approved-Security WG May 31, 2016 Minutes (John, Diana) (2/0/0) |
− | * | + | *Minutes Approval (Diana, Kathleen, Mike Abstained) (2/1/0) FHIR Test Scripts Discussion with Aegis - Mario Hyland et al. Background: At WGM Gary invited Security to attend an EHR WG session to discuss approaches for encouraging uptake of Privacy, Security - especially Audit, Lifecycle Provenance, Trust FHIR infrastructure among FHIR Connectathon participants and implementers generally. This is a follow up discussion on previous approaches [Gary's tracks added Connectathon achievement points] and Lloyd's suggestion that passing test scripts could be tied in some way to Connectathon participation. |
+ | |||
+ | *Update on the PSAF Security Policy model - Mike | ||
+ | -Privacy policy representation shared | ||
+ | -methodology main model has privacy policy connected to composite policy | ||
+ | -Has authority rule consent directive--> Jurisdictional organization---> consent grantee-->consent Grantor | ||
+ | -Next Step: Continue developing the model, the text will continue to be in PSAF, and we will continue to develop the content with the trust relationships | ||
+ | *Standards Privacy Impact Assessment Cookbook - Rick | ||
+ | -Continued work on diagrams align with other HL7 publications | ||
+ | -Working on diagrams to ensure they are easy to follow | ||
+ | -Will likely have complete by end of week | ||
+ | -Waiting on TSC for formal approval of PSS | ||
+ | (After reviewing PSS, the TSC requested edits to reflect that project is indeed a guide and does not intend to impose a new requirement on HL7. | ||
+ | Edited PSS to be shown to Security WG and vote requested to approve the edits.) | ||
+ | *PASS Access Control Services Conceptual Model - Diana | ||
+ | -On the Pass Access control service we are updating it with the comments | ||
+ | (3 min) PASS Audit Conceptual Model – Diana | ||
+ | -Waiting of TSC approval | ||
+ | |||
+ | *FHIR Security Call - John | ||
+ | - will be included next week | ||
+ | -FMG sent a questionnaire where do you think the maturity model resources is in need in the marketplace | ||
+ | -There are resources that are not maturing outside of committee. If we have resources that are not maturing, we are to notify FMG | ||
+ | - Kathleen: We have one issue with the entity agent | ||
+ | |||
+ | -Sending out a email to group to see who will participate in writing the pass audit services document, and will set up a call | ||
+ | *Action Items, next call agenda, adjournment |
Latest revision as of 18:26, 14 June 2016
Back to Security Work Group Main Page
Attendees
x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|
x | Kathleen ConnorSecurity Co-chair | x | Duane DeCouteau | . | Chris Clark | |||
. | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
x | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
. | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Dave Silver | |||
x | Mike Davis | . | Ioana Singureanu | . | Mohammed Jafari | |||
x | Suzanne Gonzales-Webb | . | Rob Horn | . | Galen Mulrooney | |||
x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
x | Rick Grow | . | Paul Knapp | . | Mayada Abdulmannan | |||
x | Glen Marshall, SRS | . | Bill Kleinebecker | . | Christopher Shawn | |||
. | Oliver Lawless | . | [mailto | . | Serafina Versaggi | |||
. | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
. | Christopher Doss | . | Kamalini Vaidya | . | [mailto: TBD ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve deferred Security WG May 24, 2016 Minutes
- (05 min) Approval of May 2016 Montreal WGM - Security Minutes
- (20 min) Update on the PSAF Security Policy model - Mike
- (5 min) Privacy Impact Assessment Cookbook Update - Rick
- ( 5 min) PASS Access Control Services Conceptual Model - Diana
- ( 5 min) PASS Audit Conceptual Model – Diana
Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda
Minutes
- Approved-Security WG May 31, 2016 Minutes (John, Diana) (2/0/0)
- Minutes Approval (Diana, Kathleen, Mike Abstained) (2/1/0) FHIR Test Scripts Discussion with Aegis - Mario Hyland et al. Background: At WGM Gary invited Security to attend an EHR WG session to discuss approaches for encouraging uptake of Privacy, Security - especially Audit, Lifecycle Provenance, Trust FHIR infrastructure among FHIR Connectathon participants and implementers generally. This is a follow up discussion on previous approaches [Gary's tracks added Connectathon achievement points] and Lloyd's suggestion that passing test scripts could be tied in some way to Connectathon participation.
- Update on the PSAF Security Policy model - Mike
-Privacy policy representation shared -methodology main model has privacy policy connected to composite policy -Has authority rule consent directive--> Jurisdictional organization---> consent grantee-->consent Grantor -Next Step: Continue developing the model, the text will continue to be in PSAF, and we will continue to develop the content with the trust relationships
- Standards Privacy Impact Assessment Cookbook - Rick
-Continued work on diagrams align with other HL7 publications -Working on diagrams to ensure they are easy to follow -Will likely have complete by end of week -Waiting on TSC for formal approval of PSS (After reviewing PSS, the TSC requested edits to reflect that project is indeed a guide and does not intend to impose a new requirement on HL7. Edited PSS to be shown to Security WG and vote requested to approve the edits.)
- PASS Access Control Services Conceptual Model - Diana
-On the Pass Access control service we are updating it with the comments (3 min) PASS Audit Conceptual Model – Diana -Waiting of TSC approval
- FHIR Security Call - John
- will be included next week -FMG sent a questionnaire where do you think the maturity model resources is in need in the marketplace -There are resources that are not maturing outside of committee. If we have resources that are not maturing, we are to notify FMG - Kathleen: We have one issue with the entity agent
-Sending out a email to group to see who will participate in writing the pass audit services document, and will set up a call
- Action Items, next call agenda, adjournment