This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "August 21, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(10 intermediate revisions by the same user not shown)
Line 3: Line 3:
 
==Attendees==
 
==Attendees==
 
   
 
   
meeting recording temporary:  hhttps://fccdl.in/7ooU0lXS9I
 
 
 
{| class="wikitable"
 
{| class="wikitable"
 
|-
 
|-
Line 10: Line 8:
 
|-
 
|-
 
||  x|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair
 
||  x|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair
||||.|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair  
+
||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair  
 
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams] Security Co-chair
 
||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams] Security Co-chair
Line 17: Line 15:
 
||||x|| [mailto:Suzanne.Webb@bookzurman.com Suzanne Gonzales-Webb]
 
||||x|| [mailto:Suzanne.Webb@bookzurman.com Suzanne Gonzales-Webb]
 
||||x|| [mailto:mike.davis@va.gov Mike Davis]
 
||||x|| [mailto:mike.davis@va.gov Mike Davis]
||||x|| [mailto:david.staggs@bookzurman.com David Staggs]
+
||||.|| [mailto:david.staggs@bookzurman.com David Staggs]
 
   
 
   
 
|-
 
|-
 
||  x|| [mailto:Diana.Proud-Madruga@electro-soft.com Diana Proud-Madruga]
 
||  x|| [mailto:Diana.Proud-Madruga@electro-soft.com Diana Proud-Madruga]
||||x|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui]
+
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
 +
||||.|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui]
 
||||x|| [mailto:joe.lamy@aegis.net Joe Lamy]
 
||||x|| [mailto:joe.lamy@aegis.net Joe Lamy]
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden]
 
 
|-
 
|-
 
||  .|| [mailto:rhonna.clark@va.gov Rhonna Clark]
 
||  .|| [mailto:rhonna.clark@va.gov Rhonna Clark]
 +
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden]
 
||||.|| [mailto:grahameg@gmail.com Grahame Grieve]
 
||||.|| [mailto:grahameg@gmail.com Grahame Grieve]
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
+
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
||||.|| [mailto: Matt Blackman, Sequoia]
 
 
|-
 
|-
 
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari]
 
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari]
||||x|| [mailto:jim.kretz@samhsa.gov Jim Kretz]
+
||||.|| [mailto:jim.kretz@samhsa.gov Jim Kretz]
 
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman]
 
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman]
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
+
||||.|| [mailto: ]
 
|-
 
|-
 
||  .|| [mailto:Beth.Pumo@kp.org Beth Pumo]
 
||  .|| [mailto:Beth.Pumo@kp.org Beth Pumo]
 
||||.|| [mailto:Bo.Dagnall@dxc.com Bo Dagnall]
 
||||.|| [mailto:Bo.Dagnall@dxc.com Bo Dagnall]
||||.|| [mailto:rikimerrick@gmail.com Riki Merrick]
+
||||.|| [mailto: ]
||||.|| [mailto: Julie Maas]
+
||||.|| [mailto: ]
 
|-
 
|-
 
|-
 
|-
 
|}
 
|}
  
=='''Agenda'''==
+
[[Security|Back to Security Main Page]]
 +
 
 +
=='''Agenda'''==  
 +
 
 +
Meeting Recording: https://fccdl.in/td2yp1GXTh (temporary)
 +
 
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(5 min)'' Review and Approval of:   
 
#''(5 min)'' Review and Approval of:   
 
#* [http://wiki.hl7.org/index.php?title=August_07,_2018_Security_Conference_Call August 07, 2018 Security Conference Call]
 
#* [http://wiki.hl7.org/index.php?title=August_07,_2018_Security_Conference_Call August 07, 2018 Security Conference Call]
 +
#* [http://wiki.hl7.org/index.php?title=August_14,_2018_Security_Conference_Call August 14, 2018 Security Conference Call]
 
#''(5 min)'' '''GDPR whitepaper on FHIR''' update -  Alex, John, Kathleen
 
#''(5 min)'' '''GDPR whitepaper on FHIR''' update -  Alex, John, Kathleen
 
#''(5 min)'' '''TF4FA Normative Ballot reconciliation (formerly PSAF)''' - Mike, Chris'''
 
#''(5 min)'' '''TF4FA Normative Ballot reconciliation (formerly PSAF)''' - Mike, Chris'''
Line 52: Line 56:
 
#* [http://wiki.hl7.org/index.php?title=Privacy_and_Security_Framework_Architecture_(PSAF)#Trust_Framework_for_Federated_Authorization_.28TF4FA.29  TF4FA Ballot Reconciliation (wiki)]
 
#* [http://wiki.hl7.org/index.php?title=Privacy_and_Security_Framework_Architecture_(PSAF)#Trust_Framework_for_Federated_Authorization_.28TF4FA.29  TF4FA Ballot Reconciliation (wiki)]
 
#* [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20180807sgw.xlsm Ballot Reconciliation Sheet_v20180724 for review offline]  
 
#* [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20180807sgw.xlsm Ballot Reconciliation Sheet_v20180724 for review offline]  
#** Comments 42-51 up for vote (review if necessary) ''' ''Suzanne to confirm''' ''
+
#** Comments 42-50 up for vote (review if necessary) '''
#''(10 min)'' '''PASS Audit ''' post ballot reconciliation document update - Mike
+
#''(10 min)'' '''PASS Audit ''' document update - Mike
 
#* http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services
 
#* http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services
#''(05 min)'' '''TF4FA Trust Framework Volume 3''' (placeholder) - Mike, Chris
+
#''(05 min)'' '''TF4FA Trust Framework Volume 3''' - Mike, Chris
 
# Is Privacy Obsolete - Mike
 
# Is Privacy Obsolete - Mike
 
#* added to WGM agenda
 
#* added to WGM agenda
Line 66: Line 70:
 
==Meeting Minutes (DRAFT)==
 
==Meeting Minutes (DRAFT)==
 
Chair: Chris Shawn
 
Chair: Chris Shawn
 +
 +
Roll taken, agenda changes: none
 +
 +
Meeting minutes to approve:
 +
* August 7, 2918 Motion for approval: (Suzanne / Kathleen)
 +
Opposed: none; abstentions: none approved 7
 +
 +
* August 14, 2018 Motion for approval: (Suzanne / Kathleen)
 +
Opposed: none; abstentions: none: approved: 7
 +
Comment: ''If we are going talk to Federal Agencies, we should start the outreach now''
 +
 +
'''GDPR White Paper on FHIR'''
 +
* talked about this subject on the FHIR-Security
 +
** chat-a-ton tract at the upcoming FHIR Connectathon
 +
* for people at the Connectathon to come in and have a discussion with 'us' regarding GDPR
 +
* additional--Alex is now completed with his holiday and will pick up where he left off with meetings; there was an ask to reinvigorate the text that has already been written
 +
** there isn't significant work at the moment that has been completed, but hopefully more by WGM
 +
* is GDPR white paper for here? Internationally?
 +
** white paper to  express capabilities integrated into FHIR which have an applicability relative to GDPR for security and privacy
 +
**suspect portability will be touched upon, may integrate FHIRi but not much more to say about that now
 +
** check, check no check the FHIR feature to security and Privacy?  (Answer: Yes)
 +
* additional questions/comments?  none brought forward
 +
 +
'''TF4FA Ballot reconciliation'''
 +
Vote: 42-50 ballot comments Motion to accept the dispositions for comments 42-50 (date dispositions completed 8/14) Suzanne/Mike
 +
opposed: none; abstain: 1 (Joe Lamy); approve: 6
 +
 +
Please review 51-57 for voting next week spreadsheet link: https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)
 +
 +
'''PASS AUDIT post ballot document update'''
 +
* no update
 +
 +
'''TF4FA Volume 3''' Audit - in progress (''it’s more about Provenance'' than anything else)… Volume 3 - Provenance
 +
* Plan is to discuss during the September meeting, ballot in January
 +
* because of work with both audit and trust framework volumes 1,2 - we have a shortage of resources
 +
* hoping we will have more available beyond the already presented graphics
 +
* general update at MON Q3/Q4 plus additional discussion during Security-only call during WGM
 +
 +
'''Privacy Obsolete'''
 +
* declaring victory and wrapping up
 +
** Facebook or Amazon or Twitter, the sage of GDPR is playing out
 +
** at a point where we are not taking more input and write up what we have
 +
 +
'''Baltimore WGM Agenda'''
 +
* not all engaged in FHIR Security; Mike would like JohnM to report out on the details/overview of FHIR-Security and Privacy - time to cover in detail at another Q
 +
** Monday Q3/Q4 - small segment, high level ''what is security privacy in the context of FHIR'' (not deep)
 +
** since Dave Pyke will not be available, the Tuesday Q3 will cover a deeper discussion of Security and Privacy FHIR capabilities, with Q&A, move forward plan in the upcoming 6-months or so; changes since STU3
 +
** may record (no indicated technical constraints for the Baltimore meeting)
 +
** John may be able to locate some FHIR Security (background) videos if anyone is interested
 +
 +
Additional Agenda items?  none added for WGM or Teleconference
 +
* topics: Kathleen will outreach to Trish, Alex for topics
 +
 +
Motion to adjourn (Kathleen)
 +
Meeting adjourned at --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:39, 21 August 2018 (EDT) Arizona Time

Latest revision as of 20:32, 10 September 2018

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
x John Moehrke Security Co-chair x Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis . David Staggs
x Diana Proud-Madruga . Johnathan Coleman . Francisco Jauregui x Joe Lamy
. Rhonna Clark . Greg Linden . Grahame Grieve x Dave Silver
. Mohammed Jafari . Jim Kretz . Peter Bachman . [mailto: ]
. Beth Pumo . Bo Dagnall . [mailto: ] . [mailto: ]

Back to Security Main Page

Agenda

Meeting Recording: https://fccdl.in/td2yp1GXTh (temporary)

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of:
  3. (5 min) GDPR whitepaper on FHIR update - Alex, John, Kathleen
  4. (5 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
  5. (10 min) PASS Audit document update - Mike
  6. (05 min) TF4FA Trust Framework Volume 3 - Mike, Chris
  7. Is Privacy Obsolete - Mike
    • added to WGM agenda
  8. (05 min) Security Working Group - upcoming HL7 Working Group Meeting, Baltimore Maryland

Back to Security Main Page

Meeting Minutes (DRAFT)

Chair: Chris Shawn

Roll taken, agenda changes: none

Meeting minutes to approve:

  • August 7, 2918 Motion for approval: (Suzanne / Kathleen)

Opposed: none; abstentions: none approved 7

  • August 14, 2018 Motion for approval: (Suzanne / Kathleen)

Opposed: none; abstentions: none: approved: 7 Comment: If we are going talk to Federal Agencies, we should start the outreach now

GDPR White Paper on FHIR

  • talked about this subject on the FHIR-Security
    • chat-a-ton tract at the upcoming FHIR Connectathon
  • for people at the Connectathon to come in and have a discussion with 'us' regarding GDPR
  • additional--Alex is now completed with his holiday and will pick up where he left off with meetings; there was an ask to reinvigorate the text that has already been written
    • there isn't significant work at the moment that has been completed, but hopefully more by WGM
  • is GDPR white paper for here? Internationally?
    • white paper to express capabilities integrated into FHIR which have an applicability relative to GDPR for security and privacy
    • suspect portability will be touched upon, may integrate FHIRi but not much more to say about that now
    • check, check no check the FHIR feature to security and Privacy? (Answer: Yes)
  • additional questions/comments? none brought forward

TF4FA Ballot reconciliation Vote: 42-50 ballot comments Motion to accept the dispositions for comments 42-50 (date dispositions completed 8/14) Suzanne/Mike opposed: none; abstain: 1 (Joe Lamy); approve: 6

Please review 51-57 for voting next week spreadsheet link: https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)

PASS AUDIT post ballot document update

  • no update

TF4FA Volume 3 Audit - in progress (it’s more about Provenance than anything else)… Volume 3 - Provenance

  • Plan is to discuss during the September meeting, ballot in January
  • because of work with both audit and trust framework volumes 1,2 - we have a shortage of resources
  • hoping we will have more available beyond the already presented graphics
  • general update at MON Q3/Q4 plus additional discussion during Security-only call during WGM

Privacy Obsolete

  • declaring victory and wrapping up
    • Facebook or Amazon or Twitter, the sage of GDPR is playing out
    • at a point where we are not taking more input and write up what we have

Baltimore WGM Agenda

  • not all engaged in FHIR Security; Mike would like JohnM to report out on the details/overview of FHIR-Security and Privacy - time to cover in detail at another Q
    • Monday Q3/Q4 - small segment, high level what is security privacy in the context of FHIR (not deep)
    • since Dave Pyke will not be available, the Tuesday Q3 will cover a deeper discussion of Security and Privacy FHIR capabilities, with Q&A, move forward plan in the upcoming 6-months or so; changes since STU3
    • may record (no indicated technical constraints for the Baltimore meeting)
    • John may be able to locate some FHIR Security (background) videos if anyone is interested

Additional Agenda items? none added for WGM or Teleconference

  • topics: Kathleen will outreach to Trish, Alex for topics

Motion to adjourn (Kathleen) Meeting adjourned at --Suzannegw (talk) 15:39, 21 August 2018 (EDT) Arizona Time

Retrieved from "https://wiki.hl7.org/w/index.php?title=August_21,_2018_Security_Conference_Call&oldid=161048"