This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "October 30, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(3 intermediate revisions by 2 users not shown)
Line 44: Line 44:
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=October_23,_2018_Security_Conference_Call Review and Approval of Minutes October 23, 2018]
 
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=October_23,_2018_Security_Conference_Call Review and Approval of Minutes October 23, 2018]
#''(15 min)'' '''[https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20181030_sgw.xlsm Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call]''' Final vote on the last of the dispositions is scheduled for 10/30.
+
#''(15 min)'' '''[https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20181030.xlsm Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call]''' Final vote on the last of the dispositions is scheduled for 10/30.
 
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services Update on revision of PASS Audit]''' - Mike
 
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services Update on revision of PASS Audit]''' - Mike
 
#''(2 min)'' '''[http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1004 TF4FA Trust Framework, Volume 3 NIB Submission]''' - Mike  
 
#''(2 min)'' '''[http://www.hl7.org/special/committees/tsc/ballotmanagement/DisplayNIB.cfm?ballot_document_sdo_id=1004 TF4FA Trust Framework, Volume 3 NIB Submission]''' - Mike  
Line 54: Line 54:
 
#''(5 min)'' '''GDPR whitepaper on FHIR''' Update - Alex
 
#''(5 min)'' '''GDPR whitepaper on FHIR''' Update - Alex
  
[[Security|Back to Security Main Page]]
 
  
 
==Meeting Materials==
 
==Meeting Materials==
Line 75: Line 74:
 
==Meeting Minutes DRAFT==
 
==Meeting Minutes DRAFT==
 
Chair, Chris Shawn
 
Chair, Chris Shawn
 
 
  
 
Approval of Meeting Minutes (Kathleen/Suzanne)
 
Approval of Meeting Minutes (Kathleen/Suzanne)
 +
* Abstain: none; Oppose: none; Approve: 8 (Suzanne to confirm)
  
  
Review of TF4FA Ballot  
+
'''Review of TF4FA Ballot '''
 +
* [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/TF4FA%20(formerly%20PSAF)/TF4FA%20-%20Ballot%20Reconciliation%20May%202018%20ballot/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated_20181030.xlsm Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call]
 +
Block Vote Approval of (above listed): (Kathleen/Suzanne)
 +
Above, Including Comment Resolutions #26, #66, #105
  
Block Vote Approval of (above listed): (kathleen/Suzanne)
+
Objections: none; Abstentions: none; Approval: 8 (Suzanne to confirm)
Including Comment Resolutions #26, #66, #105
+
Point of Question - When do we ask for voter retraction of the ballot negative; do we have to complete the updated document
 
 
Objections: none; Abstentions: none; Approval
 
Point of Question - When do we ask for voter retractioin of the ballot negative; do we have to complete the updated document
 
 
* upload the reconciliation spreadsheet (under co-chair abilities on HL7.org page)
 
* upload the reconciliation spreadsheet (under co-chair abilities on HL7.org page)
* Suzanne or Kathleen will upload ballot reconciliation sheet and notify negative voters requesting withdrawal oof negative vote
+
* Suzanne or Kathleen will upload ballot reconciliation sheet and notify negative voters requesting withdrawal of negative vote
  
  
PASS Audit
+
'''PASS Audit'''
Ballot reconciliation completed, have been placing comments into the document.  We will need to provide the Security WG chairs with thespreadsheet for negative voters to withdraw their vote
+
Ballot reconciliation completed, have been placing comments into the document.  We will need to provide the Security WG chairs with the spreadsheet for negative voters to withdraw their vote
  
  
DS4P NIB submitted; move the disucssioin forward so that Johnathan can speak to DS4P reaffirmation
+
'''DS4P'''
* Normative standard going through raffirmation (potentially)
+
* NIB submitted; move the discussion forward so that Johnathan can speak to DS4P reaffirmation
 +
* Normative standard going through reaffirmation (potentially)
 
** HL7 has tightened its timelines ; within CBCP we have voted affirmative to move forward with this standards--because we did not meet following WGM; we appealed to the TSC which was approved
 
** HL7 has tightened its timelines ; within CBCP we have voted affirmative to move forward with this standards--because we did not meet following WGM; we appealed to the TSC which was approved
 
** along with that the PSS and additional administrative is going through Clinical SD for approval 10-day eVote period
 
** along with that the PSS and additional administrative is going through Clinical SD for approval 10-day eVote period
 
** NIB submitted today
 
** NIB submitted today
on behalf of CBCP WG, Seucrity as the co-sponsor of WG is that we vote for the affirmation today (just in case) vote isneeded
+
on behalf of CBCP WG, Security as the co-sponsor of WG is that we vote for the affirmation today (just in case) vote is needed
  
 
MOTION to vote on reaffirmation on DS4P (Johnathan / Suzanne)
 
MOTION to vote on reaffirmation on DS4P (Johnathan / Suzanne)
Line 108: Line 107:
  
 
NIB submitted for HL7 TF4FA;  
 
NIB submitted for HL7 TF4FA;  
* Voted to agreed to change TF4FA to '' '''Trust Framework for Security and Privacy'' ''' - may change name after ballot (Volume 3 with Provenance in the name  (changing the names of the other documents when a PSS is updated)
+
* Voted to agree to change TF4FA to '' '''Trust Framework for Security and Privacy'' ''' - may change name after ballot (Volume 3 with Provenance in the name  (changing the names of the other documents when a PSS is updated)
  
 
NIBs submitted for HCS, SLS, SPO also submitted this weekend;  for January 2018 ballot cycle
 
NIBs submitted for HCS, SLS, SPO also submitted this weekend;  for January 2018 ballot cycle
Line 117: Line 116:
 
* Discussion and updates made to the PPT
 
* Discussion and updates made to the PPT
 
** also missing dissemination CUI?
 
** also missing dissemination CUI?
 +
 +
 +
Meeting adjourned 1:04 Arizona Time --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 16:05, 30 October 2018 (EDT)
 +
[[Security|Back to Security Main Page]]

Latest revision as of 19:58, 6 November 2018

Back to Security Main Page

Attendees

Back to Security Main Page

x Member Name x Member Name x Member Name x Member Name
x John Moehrke Security Co-chair x Kathleen Connor Security Co-chair x Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis . David Staggs
x Diana Proud-Madruga . Johnathan Coleman . Francisco Jauregui . Joe Lamy
. Theresa Ardal Connor . Greg Linden . Grahame Grieve . Dave Silver
. Beth Pumo x Jim Kretz . Peter Bachman . Bo Dagnall

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (2 min) Review and Approval of Minutes October 23, 2018
  3. (15 min) Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call Final vote on the last of the dispositions is scheduled for 10/30.
  4. (2 min) Update on revision of PASS Audit - Mike
  5. (2 min) TF4FA Trust Framework, Volume 3 NIB Submission - Mike
  6. (5 min) DS4P Project page and DS4P Reaffirmation NIB - Security WG as cosponsor needs to vote to approve.
  7. (5 min) 3 Reaffirmation NIBs HCS, SLS, SPO submitted this weekend - Kathleen
  8. (15 min) CUI Security Label Harmonization Proposal - More than you ever want to know- Kathleen
  9. (10 min) FHIR Security Update on XSAP 2.0 JSON FHIR Security Labels and other happenings - John
    • FHIR-Security call will be alternating between core FHIR Security topics, and work on FHIR Connectathon - Care Plan scenario
  10. (5 min) GDPR whitepaper on FHIR Update - Alex


Meeting Materials

Introduction to Marking CUI (updated August 6, 2018) Introduction to Marking CUI (updated August 6, 2018) This video provides an overview of how to mark documents, emails, presentations, systems, and other files that contain CUI. It specifically addresses the designation indicator and the CUI banner marking, including the CUI control marking, CUI category markings, and Limited Dissemination Control Markings. It also discusses portion marking, the use of cover sheets, marking multi-page documents, and decontrolling CUI. NIST CUI Security Requirements Workshop 10/18/18 Everything you ever wanted to know about CUI

Meeting Minutes DRAFT

Chair, Chris Shawn

Approval of Meeting Minutes (Kathleen/Suzanne)

  • Abstain: none; Oppose: none; Approve: 8 (Suzanne to confirm)


Review of TF4FA Ballot

Block Vote Approval of (above listed): (Kathleen/Suzanne) Above, Including Comment Resolutions #26, #66, #105

Objections: none; Abstentions: none; Approval: 8 (Suzanne to confirm) Point of Question - When do we ask for voter retraction of the ballot negative; do we have to complete the updated document

  • upload the reconciliation spreadsheet (under co-chair abilities on HL7.org page)
  • Suzanne or Kathleen will upload ballot reconciliation sheet and notify negative voters requesting withdrawal of negative vote


PASS Audit Ballot reconciliation completed, have been placing comments into the document. We will need to provide the Security WG chairs with the spreadsheet for negative voters to withdraw their vote


DS4P

  • NIB submitted; move the discussion forward so that Johnathan can speak to DS4P reaffirmation
  • Normative standard going through reaffirmation (potentially)
    • HL7 has tightened its timelines ; within CBCP we have voted affirmative to move forward with this standards--because we did not meet following WGM; we appealed to the TSC which was approved
    • along with that the PSS and additional administrative is going through Clinical SD for approval 10-day eVote period
    • NIB submitted today

on behalf of CBCP WG, Security as the co-sponsor of WG is that we vote for the affirmation today (just in case) vote is needed

MOTION to vote on reaffirmation on DS4P (Johnathan / Suzanne)

  • VOTE: objections: none; Abstentions: none; Approval:


NIB submitted for HL7 TF4FA;

  • Voted to agree to change TF4FA to Trust Framework for Security and Privacy - may change name after ballot (Volume 3 with Provenance in the name (changing the names of the other documents when a PSS is updated)

NIBs submitted for HCS, SLS, SPO also submitted this weekend; for January 2018 ballot cycle


Review of CUI Security Label Harmonization Proposal <<link to PPT>>

  • missed on the privacy CUI portions for the proposal
  • Discussion and updates made to the PPT
    • also missing dissemination CUI?


Meeting adjourned 1:04 Arizona Time --Suzannegw (talk) 16:05, 30 October 2018 (EDT) Back to Security Main Page