This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "July 24, 2012 Security Working Group Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(8 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
[[Security|Back to Security Main Page]]
 
[[Security|Back to Security Main Page]]
 
==Attendees==
 
==Attendees==
* [mailto:bill.braithwaite@equifax.comBill Braithwaite]
+
* [mailto:bill.braithwaite@equifax.com Bill Braithwaite]
 
* [mailto:Kathleen_Connor@comcast.net Kathleen Connor]
 
* [mailto:Kathleen_Connor@comcast.net Kathleen Connor]
* [mailto:ecoyne@drc.com Ed Coyne]
 
 
* [mailto:mike.davis@va.gov Mike Davis] Security Cochair
 
* [mailto:mike.davis@va.gov Mike Davis] Security Cochair
 
* [mailto:sgonzales-webb@drc.com Suzanne Gonzales-Webb] CBCC Cochair
 
* [mailto:sgonzales-webb@drc.com Suzanne Gonzales-Webb] CBCC Cochair
* [mailto:timothy.godlove@va.gov Timothy Godlove]
+
* [mailto:ted.lesueur.com Ted Lesueur]
* [mailto:jim.kretz@samhsa.hhs.gov Jim Kretz]
 
* [mailto:glen@grok-a-lot.com Glen Marshall]
 
 
* [mailto:john.moehrke@med.ge.com John Moehrke] Security Cochair
 
* [mailto:john.moehrke@med.ge.com John Moehrke] Security Cochair
* [mailto:milan.petkovic@phillips.com Milan Petkovic]
+
* [mailto:ppyette@perimind.com Pat Pyette]
* [mailto:kenneth.salyards@samhsa.hhs.gov Ken Salyards]
+
[[Security|Back to Security Main Page]]
* [mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Cochair
 
* [mailto:weida@apelon.com Tony Weida]
 
* [mailto:trish.williams@ecu.edu.au Trish Williams] Security Cochair
 
[[Security|Back to Security Main Page]]
 
 
==Agenda==
 
==Agenda==
 
#''(05 min)'' Roll Call, Approve [http://wiki.hl7.org/index.php?title=June_19,_2012_Security_Working_Group_Conference_Call  June 19 Minutes] and [http://wiki.hl7.org/index.php?title=June_26,_2012_Security_Working_Group_Conference_Call June 26 Minutes] & Accept Agenda
 
#''(05 min)'' Roll Call, Approve [http://wiki.hl7.org/index.php?title=June_19,_2012_Security_Working_Group_Conference_Call  June 19 Minutes] and [http://wiki.hl7.org/index.php?title=June_26,_2012_Security_Working_Group_Conference_Call June 26 Minutes] & Accept Agenda
 
#''(10 min)'' '''Status on establishing new Security WG call times and review of ISO standards request''' – Trish Williams, Cochair
 
#''(10 min)'' '''Status on establishing new Security WG call times and review of ISO standards request''' – Trish Williams, Cochair
#''(25 min)''  ''' Update on submission of http://gforge.hl7.org/gf/download/docmanfileversion/6852/9429/HL7SecurityServiceOrientedArchitectureDomainAnalysisModel.pptx HL7 Security SOA Project Scope Statement to Foundation and Technology Steering Division and ballot status] [http://gforge.hl7.org/gf/download/docmanfileversion/6852/9429/HL7SecurityServiceOrientedArchitectureDomainAnalysisModel.pptx Background: HL7 Security Service Oriented Architecture Domain Analysis Model (SSOA DAM)] '''  - Mike Davis
+
#''(25 min)''  ''' Update on submission of [http://gforge.hl7.org/gf/download/docmanfileversion/6895/9529/HL7ProjectScopeStatementSecurityServiceOrientedArchitectureDAM.doc HL7 Security SOA Project Scope Statement] to Foundation and Technology Steering Division and ballot status[http://gforge.hl7.org/gf/download/docmanfileversion/6852/9429/HL7SecurityServiceOrientedArchitectureDomainAnalysisModel.pptx Background: HL7 Security Service Oriented Architecture Domain Analysis Model (SSOA DAM)] '''  - Mike Davis
 
#''(05 min)'' ''' Report on approved July Harmonization Proposals'''  – Kathleen Connor
 
#''(05 min)'' ''' Report on approved July Harmonization Proposals'''  – Kathleen Connor
 
#''(05 min)'' ''' Update on HL7 Privacy and Security Classification System Ballot submission
 
#''(05 min)'' ''' Update on HL7 Privacy and Security Classification System Ballot submission
 
#''(05 min)'' '''Other Business, Agenda for Next call, Action Items, and Wrap Up
 
#''(05 min)'' '''Other Business, Agenda for Next call, Action Items, and Wrap Up
 +
 
==Minutes==
 
==Minutes==
* RE Approval of Minutes and Agenda – Presiding Cochair, XXX…, asked for approval of the minutes and agenda.  XXX Moved; YYY Seconded.  Minutes and agenda approved/disapproved (0-0-0)
+
* REApproval of Minutes and Agenda – Presiding Cochair, John Moehrke asked for approval of the minutes and agenda.  Since Trish Williams did not make the call, the new call times and ISO standards request were dropped from the agenda.  Plan to revisit at the Sept. WGM.  Kathleen moved to approve minutes and amended agenda; Suzanne secondedNo further Discussion. Minutes and agenda approved (0-1-5).
* RE New call times and ISO standards request - Trish Williams
+
* RE:  Submission of HL7 Security SOA Project Scope Statement to Steering Division – Kathleen reported that FTSD approved SSOA PSS but required that it be submitted on the 2012 PSS form, which has more fields.  FTSD recommended that the PSS explain that conformance to the SSOA DAM is via conformance to the underlying standards.  WG reviewed updated form, agreed with change from normative to informative ballot type, and accepted the conformance statement.  Kathleen moved and Pat seconded WG approval of revised SSOA PSS.  No further Discussion. (0-0-6)
* RE: HL7 Privacy and Security Classification System Ballot submission review and request for approval – Kathleen
+
* RE:  Report on approved July Harmonization Proposals – Kathleen reported that all 3 proposals were approved without change.  These are now part of the HL7 RIM MIF files, but may not be updated in Sept. Ballot Vocabulary.  New vocabulary will be included in HL7 Normative Edition 2013.
* RE: Submission of SSOA PSS to Steering Division - Kathleen
+
* RE: HL7 Privacy and Security Classification System (HCS) Ballot submissionKathleen has until Sunday to get it in. 
* RE Coordination with HSSP
+
Kathleen provided update on progress.  Most work is around harmonizing HCS terminology with that used in 10181-3 access control information (ACI) that the Initiator (aka Principal, Requester, Discloser) must assert or are otherwise available to the access control system (ACS) must match the Target (aka Object, Information Resource) ACI in order for the ACS to permit access.
  
 +
WG discussed how to deal with short turn around on review of the HCS ballot material.  John suggested that the WG could approve it, since it is a “for comment only” ballot if the document were clearly marked as a preliminary release.  He requested that the document indicate that this is a “work-in-progress”, and that the WG anticipated making substantial changes based on ballot feedback and discussion at the Sept WGM.  Pat recommended that Kathleen send it out for WG review ASAP, and request an online vote to affirm the WG tentative agreement.  If the vote is affirmative, then Kathleen will submit on Friday EOD.  If not, the ballot would not be submitted.  Kathleen moved to approve; Pat seconded.  Motion approved (0-0-6).
 +
*RE: Other Business:  Ted Lesueur, McKesson, introduced himself.  He manages information security regulatory compliance for McKesson EHR products.  Ted asked the WG about where he can find information on Security WG background, standards, and current projects.  WG provided several suggestions including attending Security WG meetings at the upcoming Sept WGM.  Ted will call Kathleen to get further details.
 +
Meeting adjourned at 1:45 PM Eastern
 +
==Action Items==
 +
*RE:  HCS Ballot – Kathleen to send material to WG list per motion.  If HCS ballot submission is approved, Kathleen will submit by Friday.
 +
*RE:  Kathleen to work with Lynn Laakso to get SSOA PSS on TSC agenda.
 
==Documents for Discussion: Approved July Harmonization Proposals==
 
==Documents for Discussion: Approved July Harmonization Proposals==
 
* [http://gforge.hl7.org/gf/download/docmanfileversion/6882/9485/2012Jul_HARM_Approved_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_FinalPurposeOfUse_20120701160914.doc Approved PurposeOfUse Harmonization Proposal]
 
* [http://gforge.hl7.org/gf/download/docmanfileversion/6882/9485/2012Jul_HARM_Approved_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_FinalPurposeOfUse_20120701160914.doc Approved PurposeOfUse Harmonization Proposal]
 
* [http://gforge.hl7.org/gf/download/docmanfileversion/6883/9486/2012Jul_HARM_Approved_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_ConfidentialityCodeTechnicalCorrections_20120701163229.docx Approved ConfidentialityCode Technical Corrections]
 
* [http://gforge.hl7.org/gf/download/docmanfileversion/6883/9486/2012Jul_HARM_Approved_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_ConfidentialityCodeTechnicalCorrections_20120701163229.docx Approved ConfidentialityCode Technical Corrections]
 
* [http://gforge.hl7.org/gf/download/docmanfileversion/6884/9487/2012Jul_HARM_Approved_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_ActPrivacyPolicyTypeTechnicalCorrecti_20120701162153.docx Approved ActPrivacyPolicy Technical Correction]
 
* [http://gforge.hl7.org/gf/download/docmanfileversion/6884/9487/2012Jul_HARM_Approved_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_ActPrivacyPolicyTypeTechnicalCorrecti_20120701162153.docx Approved ActPrivacyPolicy Technical Correction]
 
+
[[Security|Back to Security Main Page]]
Meeting adjourned at 2:00 PM Eastern
 
==Action Items==
 
*RE
 
*RE
 
[[Security|Back to Security Main Page]]
 

Latest revision as of 04:47, 25 July 2012

Security Working Group Meeting

Back to Security Main Page

Attendees

Back to Security Main Page

Agenda

  1. (05 min) Roll Call, Approve June 19 Minutes and June 26 Minutes & Accept Agenda
  2. (10 min) Status on establishing new Security WG call times and review of ISO standards request – Trish Williams, Cochair
  3. (25 min) Update on submission of HL7 Security SOA Project Scope Statement to Foundation and Technology Steering Division and ballot status. Background: HL7 Security Service Oriented Architecture Domain Analysis Model (SSOA DAM) - Mike Davis
  4. (05 min) Report on approved July Harmonization Proposals – Kathleen Connor
  5. (05 min) Update on HL7 Privacy and Security Classification System Ballot submission
  6. (05 min) Other Business, Agenda for Next call, Action Items, and Wrap Up

Minutes

  • RE: Approval of Minutes and Agenda – Presiding Cochair, John Moehrke asked for approval of the minutes and agenda. Since Trish Williams did not make the call, the new call times and ISO standards request were dropped from the agenda. Plan to revisit at the Sept. WGM. Kathleen moved to approve minutes and amended agenda; Suzanne seconded. No further Discussion. Minutes and agenda approved (0-1-5).
  • RE: Submission of HL7 Security SOA Project Scope Statement to Steering Division – Kathleen reported that FTSD approved SSOA PSS but required that it be submitted on the 2012 PSS form, which has more fields. FTSD recommended that the PSS explain that conformance to the SSOA DAM is via conformance to the underlying standards. WG reviewed updated form, agreed with change from normative to informative ballot type, and accepted the conformance statement. Kathleen moved and Pat seconded WG approval of revised SSOA PSS. No further Discussion. (0-0-6)
  • RE: Report on approved July Harmonization Proposals – Kathleen reported that all 3 proposals were approved without change. These are now part of the HL7 RIM MIF files, but may not be updated in Sept. Ballot Vocabulary. New vocabulary will be included in HL7 Normative Edition 2013.
  • RE: HL7 Privacy and Security Classification System (HCS) Ballot submission: Kathleen has until Sunday to get it in.

Kathleen provided update on progress. Most work is around harmonizing HCS terminology with that used in 10181-3 access control information (ACI) that the Initiator (aka Principal, Requester, Discloser) must assert or are otherwise available to the access control system (ACS) must match the Target (aka Object, Information Resource) ACI in order for the ACS to permit access.

WG discussed how to deal with short turn around on review of the HCS ballot material. John suggested that the WG could approve it, since it is a “for comment only” ballot if the document were clearly marked as a preliminary release. He requested that the document indicate that this is a “work-in-progress”, and that the WG anticipated making substantial changes based on ballot feedback and discussion at the Sept WGM. Pat recommended that Kathleen send it out for WG review ASAP, and request an online vote to affirm the WG tentative agreement. If the vote is affirmative, then Kathleen will submit on Friday EOD. If not, the ballot would not be submitted. Kathleen moved to approve; Pat seconded. Motion approved (0-0-6).

  • RE: Other Business: Ted Lesueur, McKesson, introduced himself. He manages information security regulatory compliance for McKesson EHR products. Ted asked the WG about where he can find information on Security WG background, standards, and current projects. WG provided several suggestions including attending Security WG meetings at the upcoming Sept WGM. Ted will call Kathleen to get further details.

Meeting adjourned at 1:45 PM Eastern

Action Items

  • RE: HCS Ballot – Kathleen to send material to WG list per motion. If HCS ballot submission is approved, Kathleen will submit by Friday.
  • RE: Kathleen to work with Lynn Laakso to get SSOA PSS on TSC agenda.

Documents for Discussion: Approved July Harmonization Proposals

Back to Security Main Page
Retrieved from "https://wiki.hl7.org/w/index.php?title=July_24,_2012_Security_Working_Group_Conference_Call&oldid=63999"