Difference between revisions of "April 18, 2017 Security Conference Call"
(4 intermediate revisions by the same user not shown) | |||
Line 78: | Line 78: | ||
=='''Minutes'''== | =='''Minutes'''== | ||
− | Chaired by Kathleen | + | * Chaired by Kathleen Connor |
− | * Agenda Approved | + | * Agenda: Reviewed and Approved |
− | * April | + | * April 11th Security WG Call Meeting Minutes Reviewed and Approved |
− | * WG Calls to Be Canceled Due to Madrid: | + | * WG Calls to Be Canceled Due to Madrid: |
** Security: May 2nd, May 9th, May 16th | ** Security: May 2nd, May 9th, May 16th | ||
** FHIR: potentially May 2nd, May 9th, May 16th | ** FHIR: potentially May 2nd, May 9th, May 16th | ||
− | *** | + | * Consumer Oriented TF4FA - Mike Davis: |
− | *** | + | ** Mike: |
− | *** | + | *** Ongoing Activities in ONC (govt) and CARIN Alliance (private), aligned with former HSS Secretary Mike Leavitt; interested in establishing patient oriented trust frameworks to support ability for patients to send and receive information anywhere at any time |
− | ** | + | **** Interested in assurance of identity of patient having to do with apps - how is app register and certified |
− | *** | + | **** Consumer directed exchanges using FHIR; CMS teams working on Blue Button on FHIR |
− | ***** | + | *** Our current Trust Framework is distinctly healthcare organization focused. Possible to expand our viewpoint of Trust Framework to gauge impact if patients were customer as opposed to organization being customer. Could use existing patient policies in our framework to extend scope to use cases that include patient. |
− | ***** | + | *** Patient is a gap that the Authentication Framework may have – types of credentials patients should be able to use themselves; different mechanisms – LA2 or OAuth, etc. |
− | ***** | + | ** Katherine: |
− | ***** | + | *** If focus on authentication rather than authorization, ability of patient to control what is done with their data, is there a way to enable patient data to flow easier to secondary users? |
− | ***** | + | *** Focus more on assurance at patient level; will have multiple providers and applications; must trust the application |
− | **** | + | *** Type of credentials to be used |
− | **** | + | ** John: |
− | **** | + | *** Level of security applies to any level of identity security token; doesn’t add a vector which is specifically useful or not useful for patients. |
− | **** | + | *** Binding between the user identity and patient identity has been discussed. |
− | ***** | + | *** Potentially deferrable as there is a service which exists which will provide the cross reference between this user and this patient identity or taking step further this user and this related party supporting custodians, patients, children relationships. Usually the quickest way is to assert there is some service that provides that cross reference as a dedicated service between user identity and patient for supporting this Trust Framework. |
− | *** Kathleen | + | ** Mike: |
− | **** | + | *** Agrees on level of assurance. App acts as intermediary; patient must trust app; patient decides what information they will provide app; app could be a phr – sending info to other apps, i.e. “internet of things”; need app to app confidence of trust |
− | *** | + | ** John: |
− | *** | + | *** Also true for provider app; important vector but not unique vector. |
+ | *** Mobile WG may be working on this but may not be focusing on providers vs patients vs support groups vs patients. Could utilize TF4FA. | ||
+ | ** Kathleen: | ||
+ | *** Katara focus on consumers provides more clout in marketplace and ability to negotiate trust framework contract; reviewed number of approaches; TF4FA with a consumer orientation could provide the conceptual information which could point the protocol specific implementers/developers to assign standards that could work in the marketplace and describe reasons that will drive this: | ||
+ | **** Providers and EHR vendors will view positively as they won’t have to deal with managing consent; won’t be accountable for breaches but would have to ensure security is correct; would be more manageable resulting in more consumers | ||
+ | **** Consumers will understand they have this access with technology to enable them to negotiate, more equitable marketplace for the users of their data; on cusp of where this could happen in terms of socio economic factors. | ||
+ | ** Mike : | ||
+ | *** Received email request from VA people to review presentations | ||
+ | **** DC at Hilton on CT; April 26th from 2:00-5:00 | ||
+ | **** ONC very engage | ||
+ | **** Mike will request input from VA. | ||
+ | **** Kathleen to request input from Jonathan, Mark or Ollie | ||
+ | **Other Notes: | ||
+ | *** CARIN is meeting in December regarding this subject. Perhaps ask for presentation. | ||
+ | *** TF4FA next generation to include a plan | ||
+ | *** Mobile WG is aligned | ||
− | * FHIR | + | * FHIR: |
+ | ** 13143: “Ambiguous” should be “unambiguous” | ||
+ | *** Auto Approved | ||
+ | ** 12501: | ||
+ | *** Graham has asked that provenance reason and activity are set to coding instead of codeable concept. Codeable concepts allow more flexibility. | ||
+ | *** Kathleen moves to accept/Diana seconds (8-0-0) | ||
+ | ** 13012: | ||
+ | *** Period - in provenance, we have a period where the activity occurred and an instance when the activity was recorded. Perhaps Lloyd doesn’t realize we have both. Request clarification from Lloyd; perhaps looking for single consistent approach throughout FHIR. | ||
+ | *** If differentiate, could be different data element – effective time vs availability time | ||
+ | *** Mention to Lloyd these two elements exist and have intentionally not been bound together | ||
+ | ** 13015 | ||
+ | *** Use of element name “on behalf of”; workflow effort within FHIR is using “on behalf of” element name to indicate workflow is on behalf of this order. Let’s look at both. Perhaps they can use “in support of.” | ||
+ | *** “On behalf of” directly from WC3 and agrees with WC3 terminology; use both for agent to agent and activity to activity. Need two groups – higher level definition says one activity or entity on behalf or for the purpose of promoting another entity – i.e., a generic definition that serves both parties. | ||
+ | *** Confirmed WC3 term is “acted on behalf of” | ||
+ | *** Definition for actedONBehalfOf: www.w3.org/ns/prov | ||
+ | *** Comment non persuasive based on definition above (Diana/Mike 8-0-0) | ||
+ | ** 13016 | ||
+ | *** Participation be top role/what were security roles | ||
+ | *** To be discussed further | ||
+ | ** Today’s FHIR call to be canceled | ||
− | * Call | + | * Call Ended |
Latest revision as of 19:02, 25 April 2017
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
x | Mike Davis | . | Suzanne Gonzales-Webb | x | David Staggs | . | Mohammed Jafari | |||
. | Glen Marshall, SRS | x | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
x | Diana Proud-Madruga | . | Serafina Versaggi | x | Joe Lamy | . | Galen Mulrooney | |||
. | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
. | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | x | Dave Silver | |||
. | Rick Grow | . | William Kinsley | . | Paul Knapp | x | Mayada Abdulmannan | |||
. | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
. | Oliver Lawless | . | Ken Rubin | . | David Tao | . | Nathan Botts |
Agenda
- (2 min) Roll Call, Agenda Approval
- (4 min) Review and Approval of Security WG Call Minutes April 11, 2017
- (5 min) TF4FA Ballot Report - Kathleen
- (20 min) Consumer Oriented TF4FA - Mike Davis
- (10 min) FHIR Security Call - Please review front matter - John Moehrke
==Consumer Oriented TF4FA
Current Trust Frameworks are static; once established, these are very hard to change. Static Trust Frameworks are typically oriented to those who control information and value flows. Consumers seem to have little or no voice in these Trust Framework Trust Policy, or the resulting Trust Recipient or Trust Relying Party Agreements.
Should the HL7 TF4FA be more encompassing of healthcare consumers as parties in the negotiation of Trust Frameworks for Federated Authorization with counterparties with which they can share health information on terms that consumers find more attractive in some way - e.g., for more control of their information's privacy and security, or even for compensation for use of their health information?
Enabling healthcare consumers to negotiate more equitable trust framework will require changing the balance of power where custodians "own" the consumer's health information. Patient Right of Access is disrupting that paradigm. It may be that providers and EHR vendors will see an advantage in supporting PRA as a means to off-load breach liability and consent management, and by simply duplicating patient information in a server accessible to patients for view, download, and transmit, they are able to avoid EHR security issues, although they still have responsibility for the security of a PRA store.
At the same time as custodians are seeing advantages, so are secondary users of patient information. PRA is attractive in that it reduces friction resulting from meeting data sharing requirements of custodians. At this juncture however, these secondary users seem somewhat inclined to negotiate with the consumers that are now supplying them with patient information.
As this new mode of sharing health information scales, healthcare consumers' market place clout to demand more control will increase. With user friendly trust negotiation technologies, we can imagine many healthcare consumers with 0..* trust domains, and 0..* privacy preferences, and security and trust risk tolerances having more and more health information consumers with which to bargain for their best trust contract deal.
HL7 TF4FA could serve as the conceptual model for the healthcare consumer trust negotiation technologies needed to enable this emerging market.
Minutes
- Chaired by Kathleen Connor
- Agenda: Reviewed and Approved
- April 11th Security WG Call Meeting Minutes Reviewed and Approved
- WG Calls to Be Canceled Due to Madrid:
- Security: May 2nd, May 9th, May 16th
- FHIR: potentially May 2nd, May 9th, May 16th
- Consumer Oriented TF4FA - Mike Davis:
- Mike:
- Ongoing Activities in ONC (govt) and CARIN Alliance (private), aligned with former HSS Secretary Mike Leavitt; interested in establishing patient oriented trust frameworks to support ability for patients to send and receive information anywhere at any time
- Interested in assurance of identity of patient having to do with apps - how is app register and certified
- Consumer directed exchanges using FHIR; CMS teams working on Blue Button on FHIR
- Our current Trust Framework is distinctly healthcare organization focused. Possible to expand our viewpoint of Trust Framework to gauge impact if patients were customer as opposed to organization being customer. Could use existing patient policies in our framework to extend scope to use cases that include patient.
- Patient is a gap that the Authentication Framework may have – types of credentials patients should be able to use themselves; different mechanisms – LA2 or OAuth, etc.
- Ongoing Activities in ONC (govt) and CARIN Alliance (private), aligned with former HSS Secretary Mike Leavitt; interested in establishing patient oriented trust frameworks to support ability for patients to send and receive information anywhere at any time
- Katherine:
- If focus on authentication rather than authorization, ability of patient to control what is done with their data, is there a way to enable patient data to flow easier to secondary users?
- Focus more on assurance at patient level; will have multiple providers and applications; must trust the application
- Type of credentials to be used
- John:
- Level of security applies to any level of identity security token; doesn’t add a vector which is specifically useful or not useful for patients.
- Binding between the user identity and patient identity has been discussed.
- Potentially deferrable as there is a service which exists which will provide the cross reference between this user and this patient identity or taking step further this user and this related party supporting custodians, patients, children relationships. Usually the quickest way is to assert there is some service that provides that cross reference as a dedicated service between user identity and patient for supporting this Trust Framework.
- Mike:
- Agrees on level of assurance. App acts as intermediary; patient must trust app; patient decides what information they will provide app; app could be a phr – sending info to other apps, i.e. “internet of things”; need app to app confidence of trust
- John:
- Also true for provider app; important vector but not unique vector.
- Mobile WG may be working on this but may not be focusing on providers vs patients vs support groups vs patients. Could utilize TF4FA.
- Kathleen:
- Katara focus on consumers provides more clout in marketplace and ability to negotiate trust framework contract; reviewed number of approaches; TF4FA with a consumer orientation could provide the conceptual information which could point the protocol specific implementers/developers to assign standards that could work in the marketplace and describe reasons that will drive this:
- Providers and EHR vendors will view positively as they won’t have to deal with managing consent; won’t be accountable for breaches but would have to ensure security is correct; would be more manageable resulting in more consumers
- Consumers will understand they have this access with technology to enable them to negotiate, more equitable marketplace for the users of their data; on cusp of where this could happen in terms of socio economic factors.
- Katara focus on consumers provides more clout in marketplace and ability to negotiate trust framework contract; reviewed number of approaches; TF4FA with a consumer orientation could provide the conceptual information which could point the protocol specific implementers/developers to assign standards that could work in the marketplace and describe reasons that will drive this:
- Mike :
- Received email request from VA people to review presentations
- DC at Hilton on CT; April 26th from 2:00-5:00
- ONC very engage
- Mike will request input from VA.
- Kathleen to request input from Jonathan, Mark or Ollie
- Received email request from VA people to review presentations
- Other Notes:
- CARIN is meeting in December regarding this subject. Perhaps ask for presentation.
- TF4FA next generation to include a plan
- Mobile WG is aligned
- Mike:
- FHIR:
- 13143: “Ambiguous” should be “unambiguous”
- Auto Approved
- 12501:
- Graham has asked that provenance reason and activity are set to coding instead of codeable concept. Codeable concepts allow more flexibility.
- Kathleen moves to accept/Diana seconds (8-0-0)
- 13012:
- Period - in provenance, we have a period where the activity occurred and an instance when the activity was recorded. Perhaps Lloyd doesn’t realize we have both. Request clarification from Lloyd; perhaps looking for single consistent approach throughout FHIR.
- If differentiate, could be different data element – effective time vs availability time
- Mention to Lloyd these two elements exist and have intentionally not been bound together
- 13015
- Use of element name “on behalf of”; workflow effort within FHIR is using “on behalf of” element name to indicate workflow is on behalf of this order. Let’s look at both. Perhaps they can use “in support of.”
- “On behalf of” directly from WC3 and agrees with WC3 terminology; use both for agent to agent and activity to activity. Need two groups – higher level definition says one activity or entity on behalf or for the purpose of promoting another entity – i.e., a generic definition that serves both parties.
- Confirmed WC3 term is “acted on behalf of”
- Definition for actedONBehalfOf: www.w3.org/ns/prov
- Comment non persuasive based on definition above (Diana/Mike 8-0-0)
- 13016
- Participation be top role/what were security roles
- To be discussed further
- Today’s FHIR call to be canceled
- 13143: “Ambiguous” should be “unambiguous”
- Call Ended