This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "June 7, 2016 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!
 
|-
 
|-
||  x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair  
+
||  .|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair  
 
||||.|| [mailto:duane.decouteau@gmail.com Duane DeCouteau]
 
||||.|| [mailto:duane.decouteau@gmail.com Duane DeCouteau]
 
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark]
 
||||.|| [mailto:Chris.R.Clark@wv.gov Chris Clark]
Line 30: Line 30:
  
 
|-
 
|-
||  x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
+
||  .|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
 
||||.|| [mailto:robert.horn@agfa.com Rob Horn]  
 
||||.|| [mailto:robert.horn@agfa.com Rob Horn]  
 
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
 
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
Line 81: Line 81:
  
 
==Minutes==
 
==Minutes==
 +
Chaired by John
 +
 +
-ApproveSecurity WG May 31, 2016 Minutes (deferred to next meeting)
 +
 +
 +
*Standards Privacy Impact Assessment Cookbook - Rick
 +
-After reviewing PSS, the TSC requested edits to reflect that project is indeed a guide and does not intend to impose a new requirement on HL7.
 +
Edited PSS to be shown to Security WG. CBCC voted to approve edited version on their 06/07/16 call.
 +
-PSS Advanced to technical steering committee to HL7 for e-vote
 +
-During the call they informed Rick they were concerned with the language in the scope section
 +
-Concern it may impose a new requirement
 +
-Rick edited with new language (using Encouraged in the scope) the section of concern so it can appear more of a Guide
 +
-Clarified the out of scope section to CBCC that it is up to the individual implementer to determine how to deal with the Privacy aspects
 +
-Provided CBCC with references on Privacy design work of  OASIS Privacy design work, W3C, IETF, and ISO Privacy framework Standard

Latest revision as of 19:02, 14 June 2016

Back to Security Work Group Main Page

Attendees

x Member Name x Member Name x Member Name
. Kathleen ConnorSecurity Co-chair . Duane DeCouteau . Chris Clark
X John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
x Alexander Mense Security Co-chair . Ken Salyards . Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson x Dave Silver
x Mike Davis . Ioana Singureanu X Mohammed Jafari
. Suzanne Gonzales-Webb . Rob Horn . Galen Mulrooney
x Diana Proud-Madruga . Ken Rubin . William Kinsley
x Rick Grow . Paul Knapp x Mayada Abdulmannan
x Glen Marshall, SRS . Bill Kleinebecker x Christopher Shawn
. Oliver Lawless . [mailto . Serafina Versaggi
. Beth Pumo . Russell McDonell . Paul Petronelli , Mobile Health
. Christopher Doss . Kamalini Vaidya . [mailto: TBD ]

Back to Security Main Page

Agenda DRAFT

  1. (2 min) Roll Call, Agenda Approval
  2. (3 min) ApproveSecurity WG May 31, 2016 Minutes
  3. (20 min) FHIR Test Scripts Discussion with Aegis - Mario Hyland et al. Background: At WGM Gary invited Security to attend an EHR WG session to discuss approaches for encouraging uptake of Privacy, Security - especially Audit, Lifecycle Provenance, Trust FHIR infrastructure among FHIR Connectathon participants and implementers generally. This is a follow up discussion on previous approaches [Gary's tracks added Connectathon achievement points] and Lloyd's suggestion that passing test scripts could be tied in some way to Connectathon participation.
  4. (20 min) Update on the PSAF Security Policy model - Mike
  5. (10 min) Standards Privacy Impact Assessment Cookbook - Rick
  • After reviewing PSS, the TSC requested edits to reflect that project is indeed a guide and does not intend to impose a new requirement on HL7.
  • Edited PSS to be shown to Security WG. CBCC voted to approve edited version on their 06/07/16 call.
  1. (3 min) PASS Access Control Services Conceptual Model - Diana
  2. (3 min) PASS Audit Conceptual Model – Diana
  3. (2 min) Action Items, next call agenda, adjornment

Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda

Minutes

Chaired by John

-ApproveSecurity WG May 31, 2016 Minutes (deferred to next meeting)


  • Standards Privacy Impact Assessment Cookbook - Rick

-After reviewing PSS, the TSC requested edits to reflect that project is indeed a guide and does not intend to impose a new requirement on HL7. Edited PSS to be shown to Security WG. CBCC voted to approve edited version on their 06/07/16 call. -PSS Advanced to technical steering committee to HL7 for e-vote -During the call they informed Rick they were concerned with the language in the scope section -Concern it may impose a new requirement -Rick edited with new language (using Encouraged in the scope) the section of concern so it can appear more of a Guide -Clarified the out of scope section to CBCC that it is up to the individual implementer to determine how to deal with the Privacy aspects -Provided CBCC with references on Privacy design work of OASIS Privacy design work, W3C, IETF, and ISO Privacy framework Standard