This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "HL7 FHIR Security 2018-05-29"

From HL7Wiki
Jump to navigation Jump to search
 
(3 intermediate revisions by 2 users not shown)
Line 16: Line 16:
 
||  x||[mailto:john.moehrke@ge.med.com John Moehrke] Security Co-Chair
 
||  x||[mailto:john.moehrke@ge.med.com John Moehrke] Security Co-Chair
 
||||x||[mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-Chair
 
||||x||[mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-Chair
||||x||[mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
+
||||.||[mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
|-
 
|-
 
||  x||[mailto:suzanne.webb@engilitycorp.com Suzanne Gonzales-Webb] CBCC Co-Chair   
 
||  x||[mailto:suzanne.webb@engilitycorp.com Suzanne Gonzales-Webb] CBCC Co-Chair   
Line 22: Line 22:
 
||||.||[mailto:christopher.shawn2@va.gov Chris Shawn] Security co-chair
 
||||.||[mailto:christopher.shawn2@va.gov Chris Shawn] Security co-chair
 
|-
 
|-
||  .||[mailto:ali.massihi@hhs.gov Ali Massihi]
+
||  x||[mailto:jim.kretz@samhsa.hhs.gov Jim Kretz]
||||.||[mailto:Mike.Davis@va.gov Mike Davis]
+
||||x||[mailto:kenneth.salyards@samhsa.hhs.gov Kenneth Salyards]
 
||||.||[mailto:nathanbotts@westat.com Nathan Botts] Mobile co-chair
 
||||.||[mailto:nathanbotts@westat.com Nathan Botts] Mobile co-chair
 
|-
 
|-
 
||  x||[mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
 
||  x||[mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
||||.||[mailto:joe.lamy@aegis.net Joe Lamy] AEGIS
+
||||x||[mailto:joe.lamy@aegis.net Joe Lamy] AEGIS
 
||||.||[mailto:Beth.Pumo@kp.org Beth Pumo]
 
||||.||[mailto:Beth.Pumo@kp.org Beth Pumo]
 
|-
 
|-
 
||  .||[mailto:irina.connelly@gtri.gatech.edu Irina Connelly]
 
||  .||[mailto:irina.connelly@gtri.gatech.edu Irina Connelly]
||||x||[mailto:mblackmon@sequoiaproject.org  Matt Blackman] Sequoia
+
||||.||[mailto:mblackmon@sequoiaproject.org  Matt Blackman] Sequoia
 
||||.||[mailto:mark.underwood@kryptonbrothers.com Mark Underwood] NIST
 
||||.||[mailto:mark.underwood@kryptonbrothers.com Mark Underwood] NIST
 
|-
 
|-
Line 38: Line 38:
 
||||.||Kevin Shekleton (Cerner, CDS Hooks)
 
||||.||Kevin Shekleton (Cerner, CDS Hooks)
 
|-
 
|-
||  x||Luis Maas EMR Direct
+
||  x||[mailto:lcmaas@emrdirect.com Luis Maas EMR Direct]
||||x||[mailto:dave.silver@electrosoft-inc.com Dave Silver]
+
||||.||[mailto:dave.silver@electrosoft-inc.com Dave Silver]
||||.||Francisco Jauregui
+
||||x||[mailto:fjauregui@electrosoft-inc.com Francisco Jauregui]
 
|-
 
|-
 
|}
 
|}
Line 49: Line 49:
 
* approval of [[HL7 FHIR Security 2018-04-03]] and [[HL7 FHIR Security 2018-04-10]] and [[HL7 FHIR Security 2018-04-17]] and [[HL7 FHIR Security 2018-04-24]] Minutes
 
* approval of [[HL7 FHIR Security 2018-04-03]] and [[HL7 FHIR Security 2018-04-10]] and [[HL7 FHIR Security 2018-04-17]] and [[HL7 FHIR Security 2018-04-24]] Minutes
 
* Announcements
 
* Announcements
** none?
+
** [[GDPR (General Data Protection Regulation)]] whitepaper
 
* Johnathan specific guidance given a paper from ONC that might guide improvements to the security guidance  
 
* Johnathan specific guidance given a paper from ONC that might guide improvements to the security guidance  
 
** Johnathan sends regrets  
 
** Johnathan sends regrets  
Line 82: Line 82:
  
 
==Minutes==
 
==Minutes==
 +
* John Chaired
 +
* Minutes approved: Suzanne/Jim: 9-0-0
 +
* Discussion of GDPR findings at Cologne and interest in a 10 page whitepaper
 +
* JC to build some CR offline for bulk review and approval
 +
* Discussion of newest gForge items, notes saved in the specific gForge items
 +
* Loui mentioned ONC hacking of offered FHIR servers with some shocking simple security mistakes
 +
** https://github.com/Asymmetrik/node-fhir-server-core/labels/ONC%20FHIR%20Challenge%20Vulnerability
 +
** Likely should add some reminders of these basic steps on our security.html checklist

Latest revision as of 15:56, 2 June 2018

Call Logistics

Weekly: Tuesday at 02:00 pm EST

Web conference desktop and VOIP https://www.freeconferencecall.com/join/security36 
Online Meeting ID: security36
Phone: +1 515-604-9567, Participant Code: 880898
 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes 

Back to HL7 FHIR security topics

Attendees

Member Name Member Name Member Name
x John Moehrke Security Co-Chair x Kathleen Connor Security Co-Chair . Alexander Mense Security Co-chair
x Suzanne Gonzales-Webb CBCC Co-Chair x Johnathan Coleman CBCC co-chair . Chris Shawn Security co-chair
x Jim Kretz x Kenneth Salyards . Nathan Botts Mobile co-chair
x Diana Proud-Madruga x Joe Lamy AEGIS . Beth Pumo
. Irina Connelly . Matt Blackman Sequoia . Mark Underwood NIST
. Peter Bachman . Grahame Greve FHIR Program Director . Kevin Shekleton (Cerner, CDS Hooks)
x Luis Maas EMR Direct . Dave Silver x Francisco Jauregui

Agenda

ACTIONS

references

Minutes

  • John Chaired
  • Minutes approved: Suzanne/Jim: 9-0-0
  • Discussion of GDPR findings at Cologne and interest in a 10 page whitepaper
  • JC to build some CR offline for bulk review and approval
  • Discussion of newest gForge items, notes saved in the specific gForge items
  • Loui mentioned ONC hacking of offered FHIR servers with some shocking simple security mistakes