This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "April 10, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
(Created page with "Back to Security Main Page ==Attendees== {| class="wikitable" |- !x||'''Member Name'''|| !! x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Membe...")
 
 
(8 intermediate revisions by 2 users not shown)
Line 15: Line 15:
 
||||x|| [mailto:Suzanne.Webb@bookzurman.com Suzanne Gonzales-Webb]
 
||||x|| [mailto:Suzanne.Webb@bookzurman.com Suzanne Gonzales-Webb]
 
||||x|| [mailto:mike.davis@va.gov Mike Davis]
 
||||x|| [mailto:mike.davis@va.gov Mike Davis]
||||.|| [mailto:david.staggs@bookzurman.com David Staggs]
+
||||x|| [mailto:david.staggs@bookzurman.com David Staggs]
 
   
 
   
 
|-
 
|-
|| .|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
+
|| x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
 
||||x|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui]
 
||||x|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui]
 
||||x|| [mailto:joe.lamy@aegis.net Joe Lamy]
 
||||x|| [mailto:joe.lamy@aegis.net Joe Lamy]
 
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden]
 
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden]
 
|-
 
|-
||.|| [mailto:pknapp@pknapp.com Paul Knapp]
+
|| x|| [mailto:rhonna.clark@va.gov Rhonna Clark]
 
||||.|| [mailto:grahameg@gmail.com Grahame Grieve]
 
||||.|| [mailto:grahameg@gmail.com Grahame Grieve]
 
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
 
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
||||.|| [mailto:aaron.seib@2311.net Aaron Seib]
+
||||x|| [mailto: Matt Blackman, Sequoia]
 
|-
 
|-
|| .|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
+
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari]
||||.|| [mailto:jim.kretz@samhsa.gov Jim Kretz]
+
||||x|| [mailto:jim.kretz@samhsa.gov Jim Kretz]
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson]
+
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman]
 
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
|-
 
|-
||  x|| [mailto:Beth.Pumo@kp.org Beth Pumo]
+
||  .|| [mailto:Beth.Pumo@kp.org Beth Pumo]
 
||||.|| [mailto:Bo.Dagnall@dxc.com Bo Dagnall]
 
||||.|| [mailto:Bo.Dagnall@dxc.com Bo Dagnall]
 
||||.|| [mailto:rikimerrick@gmail.com Riki Merrick]
 
||||.|| [mailto:rikimerrick@gmail.com Riki Merrick]
 
||||.|| [mailto:acg.internajonal@gmail.com Theresa Connor]
 
||||.|| [mailto:acg.internajonal@gmail.com Theresa Connor]
 
|-
 
|-
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari]
 
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
 
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman]
 
||||x|| [mailto: Matt Blackman, Sequoia]
 
  
 
|-
 
|-
Line 52: Line 48:
 
#''(5 min)'' '''TF4FA Normative Ballot - time to vote''' - Mike
 
#''(5 min)'' '''TF4FA Normative Ballot - time to vote''' - Mike
 
#''(15 min)'' '''FHIR Security Updates''' - John
 
#''(15 min)'' '''FHIR Security Updates''' - John
#''(15 min)'' '''Security Cologne May WGM Agenda''' - Kathleen
+
#''(15 min)'' '''[http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany Security Cologne May WGM Agenda]''' - Kathleen
 
 
  
==Meeting Minutes DRAFT==
+
==Meeting Minutes==
 
Chris Shawn, chair
 
Chris Shawn, chair
 
Roll Call, Agenda Review, Meeting Minutes approval
 
Roll Call, Agenda Review, Meeting Minutes approval
 +
 +
http://wiki.hl7.org/index.php?title=April_10,_2018_Security_Conference_Call
 +
* Motion: Meeting Minutes Approval (Kathleen/Johnathan)
 +
* Opposed: none; Abstentions: none; Approved: 12
 +
 +
'''TF4FA Ballot''' - Mike
 +
* Time to vote, we are hoping things go well
 +
* Ballot is Normative
 +
* Intend to continue with the PSAF charter (also mentioned on CBCP); have started work on Audit volume 3
 +
** Volume 3 will have elements of life cycle events and Audit and Provenance
 +
** A&P are related, the work with did with EHR - Provenance of things and lifecycle events and audit
 +
** First thought is to look into block chain technology--signed ledger idea behind that---trust history; we’ve already brought up a little of this...we will not get too detailed in it
 +
** We have idea of by September by then to ballot in January - depending on how the current two volumes go with Normative
 +
 +
'''FHIR Security update''' -John M
 +
* We are working through the ONC API and security
 +
** Next item is input validation, agreed to add as an item as a high-level punch list on security spec
 +
** Discussion on litmus test to help determine something that rises to the level that we should say something otherwise we will duplicate the existing security works--which is not desired
 +
** We didn’t come up with a good litmus test--but we will add... one for now... when is it something specific to securing FHIR vs we should have some recommendation to use a security framework and have a list of some security frameworks--we haven't yet touched upon (it will have to be a topic) ...
 +
**Continuing to work through the ONC paper
 +
* New time is better meeting time 2PM ET (right before this meeting)
 +
 +
Cologne Agenda - Kathleen
 +
(DRAFT)
 +
* Produced from themes discussed
 +
* Adjustments made to the Security WGM agenda (discussion)
 +
* [http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany]
 +
* Updates on ballot, TEFCA, GDPR (specifically to review gaps),
 +
** Request made to not make US specific regarding ONC topic on agenda
 +
* NOTE: DRAFT, not final
 +
* ''' ''Alex to ask EU folk for agenda items''' ''
 +
 +
Meeting adjourned at 1235 Arizona Time  --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:35, 10 April 2018 (EDT)

Latest revision as of 05:13, 15 April 2018

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
x John Moehrke Security Co-chair x Kathleen Connor Security Co-chair x Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis x David Staggs
x Diana Proud-Madruga x Francisco Jauregui x Joe Lamy . Greg Linden
x Rhonna Clark . Grahame Grieve . Johnathan Coleman x [mailto: Matt Blackman, Sequoia]
. Mohammed Jafari x Jim Kretz . Peter Bachman x Dave Silver
. Beth Pumo . Bo Dagnall . Riki Merrick . Theresa Connor

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of April 3rd minutes
  3. (5 min) TF4FA Normative Ballot - time to vote - Mike
  4. (15 min) FHIR Security Updates - John
  5. (15 min) Security Cologne May WGM Agenda - Kathleen

Meeting Minutes

Chris Shawn, chair Roll Call, Agenda Review, Meeting Minutes approval

http://wiki.hl7.org/index.php?title=April_10,_2018_Security_Conference_Call

  • Motion: Meeting Minutes Approval (Kathleen/Johnathan)
  • Opposed: none; Abstentions: none; Approved: 12

TF4FA Ballot - Mike

  • Time to vote, we are hoping things go well
  • Ballot is Normative
  • Intend to continue with the PSAF charter (also mentioned on CBCP); have started work on Audit volume 3
    • Volume 3 will have elements of life cycle events and Audit and Provenance
    • A&P are related, the work with did with EHR - Provenance of things and lifecycle events and audit
    • First thought is to look into block chain technology--signed ledger idea behind that---trust history; we’ve already brought up a little of this...we will not get too detailed in it
    • We have idea of by September by then to ballot in January - depending on how the current two volumes go with Normative

FHIR Security update -John M

  • We are working through the ONC API and security
    • Next item is input validation, agreed to add as an item as a high-level punch list on security spec
    • Discussion on litmus test to help determine something that rises to the level that we should say something otherwise we will duplicate the existing security works--which is not desired
    • We didn’t come up with a good litmus test--but we will add... one for now... when is it something specific to securing FHIR vs we should have some recommendation to use a security framework and have a list of some security frameworks--we haven't yet touched upon (it will have to be a topic) ...
    • Continuing to work through the ONC paper
  • New time is better meeting time 2PM ET (right before this meeting)

Cologne Agenda - Kathleen (DRAFT)

Meeting adjourned at 1235 Arizona Time --Suzannegw (talk) 15:35, 10 April 2018 (EDT)