Difference between revisions of "Security"
(615 intermediate revisions by 10 users not shown) | |||
Line 1: | Line 1: | ||
+ | <div style="background-color: white; border: 1px solid red; margin: 4px; padding: 2px; font-weight: bold; text-align: center;"> | ||
+ | Current Content related to this page can be found on Confluence [https://confluence.hl7.org/display/SEC/Security+Work+Group Here]</div> | ||
+ | |||
{| {{table}} | {| {{table}} | ||
{| border="10" | {| border="10" | ||
− | | align="center" width=" | + | | align="center" width="200pt" style="background:#f0f0f0;"|'''Leadership''' |
− | | align="center" width=" | + | | align="center" width="200pt" style="background:#f0f0f0;"|'''Governance''' |
− | | align="center" width=" | + | | align="center" width="200pt" style="background:#f0f0f0;"|'''Weekly_Meeting_Information''' |
|- | |- | ||
|-valign="top" | |-valign="top" | ||
| | | | ||
− | [mailto: | + | [mailto:mense@technikum-wien.at Alexander Mense] - Program Director Information Management und IT-Security University of Applied Sciences Technikum Wien |
+ | |||
+ | [mailto:kathleen_connor@comcast.net Kathleen Connor] - VHA Security Architecture – Framework Engineering (Book Zurman Inc.) | ||
− | [mailto: | + | [mailto:JohnMoehrke@gmail.com John Moehrke] - By-Light Professional IT Services, Inc |
− | [mailto: | + | [mailto:patricia.williams@flinders.edu.au Trish Williams PhD] - Flinders University |
− | [mailto: | + | [mailto:Christopher.Shawn2@va.gov Christopher Shawn] - VHA Security Architecture |
|| | || | ||
− | Security Decision Making Processes | + | [http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20WG%20Administrative%20Documents/Security%20WG%20Mission%20and%20Charter/2017%20HL7%20Security%20WG%20Mission%20and%20Charter%20v4.doc Security Mission & Charter 2017] |
+ | |||
+ | [http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20WG%20Administrative%20Documents/May%202017%20Madrid%20Admin/Security%20HL7%20WG%20DMP%20V6.0%202017.docx Security Decision Making Processes 2017] | ||
− | + | [http://www.hl7.org/documentcenter/public/wg/secure/HL7%20Security%20SWOT%20Sep%202016.doc SWOT Sep 2016] | |
− | Security | + | [[Security 3-Year Plan]] |
− | [[Security | + | [http://www.hl7tsc.org/wiki/index.php?title=Foundation_%26_Technology_Steering_Division_Home Infrastructure Steering Division Home] |
+ | |||
+ | [[Relevant HL7 Policies and Procedures]] | ||
+ | |||
+ | [https://confluence.hl7.org/display/SEC/Security+Work+Group Security Confluence] | ||
|| | || | ||
− | Weekly, '''Tuesday at | + | Weekly, '''Tuesday at 3 pm EST''' (12 pm PST) |
+ | Beginning March 28 - [https://join.freeconferencecall.com/security36 Security WG FreeConference web meeting] | ||
+ | * [https://www.freeconferencecall.com/join/security36 Online Meeting Link] | ||
+ | * Dial-in Number: (515) 604-9567 Access Code: 880898 | ||
− | + | Call Weekly Call Agenda Links below on this home page. | |
− | + | ''' ''Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes'' ''' | |
− | |||
− | |||
|} | |} | ||
− | + | [[Category:Foundation_and_Technology_Steering_Division]] | |
− | + | [http://www.hl7tsc.org/wiki/index.php?title=Foundation_%26_Technology_Steering_Division_Home Foundation and Technology Steering Division Home Page] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
[[Category:Work_Group]] | [[Category:Work_Group]] | ||
− | == | + | ==Security WGM Calendar and Minutes== |
− | * [ | + | ===January 2019 WGM San Antonio=== |
− | * | + | * Confluence [https://confluence.hl7.org/pages/viewpage.action?pageId=39159947&src=contextnavpagetreemode January 2019 Security WGM Agenda/Minutes/Attendance] - DRAFT |
+ | * Wiki [[January 2019 Security Working Group Meeting Agenda - San Antonio]] - DRAFT | ||
− | == | + | ====Previous WGM Links:==== |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | * [ | + | *[http://www.hl7.org/documentcenter/public_temp_F0279555-1C23-BA17-0C0C093F748E646F/schedules/balloting_schedule/January%202019%20Balloting%20Schedule.pdf January 2019 Balloting Schedule] |
− | * [[ | + | *[[September 2018 Security Working Group Meeting Agenda - Baltimore]] |
− | * [[ | + | *[[September 2018 Security Working Group Meeting Agenda- Baltimore (DRAFT)]] |
− | * [ | + | *[http://wiki.hl7.org/index.php?title=HL7_September_2018_WGM_MINUTES HL7 September 2018 WGM MINUTES - Baltimore final] |
− | |||
− | ==Security | + | ===[[Security FHIR Connectathons]]=== |
− | + | ==Security WG Weekly Meeting Minutes and Agenda== | |
− | + | * [https://confluence.hl7.org/display/SEC/2019-01-08+Security+Meeting+Conference+Call+Agenda Security Conference Call, January 8, 2019] Meeting Agenda and Minutes are now located on Confluence!! | |
− | + | ** Please do not forget to sign-up for a Confluence Account!! | |
− | + | ** Link to request an account for Jira/Confluence, https://confluence.hl7.org/#space-menu-link-content If you have an account for other Work Groups, you do not need to request a new account. | |
− | ** | ||
− | ** | ||
− | * | + | * Calls cancelled for holidays until January 8, 2019 |
− | ** September | + | * [[December 11, 2018 Security Conference Call]] |
− | ** [[ | + | * [[December 4, 2018 Security Conference Call]] |
− | ** [[ | + | * [[November 27, 2018 Security Conference Call]] |
+ | * [[November 20, 2018 Security Conference Call]] | ||
+ | * [[November 13, 2018 Security Conference Call]] | ||
+ | * [[November 6, 2018 Security Conference Call]] | ||
+ | * [[October 30, 2018 Security Conference Call]] | ||
+ | * [[October 23, 2018 Security Conference Call]] | ||
+ | * [[October 16, 2018 Security Conference Call]] | ||
+ | * Calls cancelled to prepare for, attend, and do follow up to September Baltimore WGM Sept 28 - October 5 | ||
+ | * [[September 18, 2018 Security Conference Call]] | ||
+ | * [[September 11, 2018 Security Conference Call]] | ||
+ | * [[September 4, 2018 Security Conference Call]] | ||
+ | * [[August 28, 2018 Security Conference Call]] | ||
+ | * [[August 21, 2018 Security Conference Call]] | ||
+ | * [[August 14, 2018 Security Conference Call]] | ||
+ | * [[August 07, 2018 Security Conference Call]] | ||
− | |||
− | |||
− | |||
− | * | + | *[[Security WG Meeting Minutes Template]] |
− | |||
− | + | ==[[Archive - Security WG WGM and Weekly Meeting Minutes and Agenda]]== | |
+ | ===[http://wiki.hl7.org/index.php?title=HL7_FHIR_security_topics HL7 FHIR Security Calls]=== | ||
=Security Project Space= | =Security Project Space= | ||
− | ==Approved Projects== | + | =='''HL7 Security Review and Comment Topics'''== |
+ | ===[[GDPR (General Data Protection Regulation)]]=== | ||
+ | ===''[["Is Privacy Obsolete" Study Group Page"]]''=== | ||
+ | ===[[HL7 Kantara and OASIS X-Paradigm Research by Mohammad Jafari]]=== | ||
+ | Features papers and blogs were developed to encourage collaborative development across several standards supporting emerging healthcare privacy and security use cases. | ||
+ | ===''[[ONC Interoperability Standards Advisory 2018 Review and Comment Page]]''=== | ||
+ | ===''[[ONC Trusted Exchange Common Agreement Framework Comments Page]]''=== | ||
+ | *Links for ONC Trusted Exchange Common Agreement Kick Off | ||
+ | **[https://www.healthit.gov/21st-century-cures-act-trusted-exchange-and-common-agreement-tfca-kick-meeting-1 Presentation Recordings] | ||
+ | **[https://www.healthit.gov/sites/default/files/july24trustedexchangeframework.pdf ONC Trusted Exchange Common Agreement deck] | ||
+ | *[https://oncprojectracking.healthit.gov/wiki/display/INTEROP/Common+Agreement+and+Exchange+Framework 21st Century Cures Act Trusted Exchange Framework and Common Agreement Public Comment Submission site] | ||
+ | *Comments due Aug. 25 | ||
+ | ===[[FHIR Bulk Data Transfer Privacy and Security Concerns]]=== | ||
+ | ===[[FHIR Consumer Centered Data Exchange (CCDE) Connectathon]]=== | ||
+ | *[http://wiki.hl7.org/index.php?title=September_2018_Baltimore_CCDE_Connectathon_Track_4 201809 Integrated Care Plan, Clinical Decision Support and Consumer Mediated Exchange tracks] | ||
+ | *[http://wiki.hl7.org/index.php?title=June_2018_MiHIN_Consumer_Mediated_Exchange_(CME)_Connectathon_Track_3 MIHIN June 2018 Consumer Mediated Exchange Connectathon Track 3] | ||
+ | *[[January 2018 New Orleans CCDE Connectathon Track 2]] | ||
+ | *[[September 2017 San Diego CCDE Connectathon Track 1]] | ||
+ | |||
+ | ===[[HL7 Version 2 Privacy and Security]]=== | ||
+ | |||
+ | =='''[[Archive of HL7 Security Review and Comment Topics]]'''== | ||
+ | =='''Approved Security WG Projects'''== | ||
+ | ==[http://wiki.hl7.org/index.php?title=Privacy_and_Security_Framework_Architecture_(PSAF) Privacy and Security Framework Architecture (PSAF), ''' ''TF4FA Ballot Reconciliation''' '']== | ||
+ | * latest [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/PSAF/PSAF%20TF4FA%20May%202018/PSAF%20TF4FA%20May%202018%20Reconciliation/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated.xls Ballot Reconciliation Sheet] | ||
+ | * <<add link>> Ballot Document | ||
+ | ==[[PASS Healthcare Audit Services]] Project== | ||
+ | * [<<add link>> Ballot Reconciliation Sheet] | ||
+ | * <<add link>> Ballot Document | ||
+ | |||
+ | ===[http://wiki.hl7.org/index.php?title=HL7_FHIR_security_topics HL7 FHIR Security Topics (wiki page)]]=== | ||
+ | ===[[HL7 Patient Friendly Consent Directive Project]]=== | ||
+ | ===[[Trust Label]]=== | ||
+ | ===[[Security Labeling Service Project|Security Labeling Service Project Wiki]]=== | ||
+ | ===[[Healthcare Privacy and Security Classification System]]=== | ||
+ | ===[[Security and Privacy Ontology|Security and Privacy Ontology Project Wiki]]=== | ||
+ | ===[[HL7 DS4P CBCC-Security WG Joint Project]]=== | ||
− | + | *[http://hl7projects.hl7.nscee.edu/docman/view.php/52/49/RBAC%20Privacy%20and%20Authorization%20Terminology%20Project%20Scope%20Statement%20v0%202.doc RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc] joint with [[Community-Based Collaborative Care]] | |
− | * [http://hl7projects.hl7.nscee.edu/docman/view.php/52/49/RBAC%20Privacy%20and%20Authorization%20Terminology%20Project%20Scope%20Statement%20v0%202.doc RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc] joint with [[Community-Based Collaborative Care]] | + | **[http://healthlevelseven.projectinsight.net/Content/Folders/FolderDisplay.aspx?Id=167add16c33a41968e70be6e22d8d807&ReturnUrl=/Content/Folders/FolderDisplay.aspx%3FId%3Dddbc44e93a52422089595248f65bc993%26ReturnUrl%3D%252fContent%252fFolders%252fFolderDisplay.aspx%253fId%253dddbc44e93a52422089595248f65bc993%2526ReturnUrl%253d%25252fContent%25252fFolders%25252fFolderDisplay.aspx%25253fId%25253dddbc44e93a52422089595248f65bc993%252526ReturnUrl%25253d%2525252fContent%2525252fFolders%2525252fFolderDisplay.aspx%252526_sx%25253d0%252526_sy%25253d0%2526_sx%253d0%2526_sy%253d0%26_sx%3D0%26_sy%3D0 Project Insight - Project Plan] |
− | ** [http://healthlevelseven.projectinsight.net/Content/Folders/FolderDisplay.aspx?Id=167add16c33a41968e70be6e22d8d807&ReturnUrl=/Content/Folders/FolderDisplay.aspx%3FId%3Dddbc44e93a52422089595248f65bc993%26ReturnUrl%3D%252fContent%252fFolders%252fFolderDisplay.aspx%253fId%253dddbc44e93a52422089595248f65bc993%2526ReturnUrl%253d%25252fContent%25252fFolders%25252fFolderDisplay.aspx%25253fId%25253dddbc44e93a52422089595248f65bc993%252526ReturnUrl%25253d%2525252fContent%2525252fFolders%2525252fFolderDisplay.aspx%252526_sx%25253d0%252526_sy%25253d0%2526_sx%253d0%2526_sy%253d0%26_sx%3D0%26_sy%3D0 Project Insight - Project Plan] | ||
* [http://gforge.hl7.org/gf/project/cbcc/scmsvn/?action=browse&path=%2Ftrunk%2FCDA%2520Implementation%2520Guide%2Fdocs%2FCDAR2_CD_IG%2520_D2_2010MAY.pdf&view=log CDA R2 Implementation Guide for Privacy Consent Directives May 2010] joint with [[Community-Based Collaborative Care]] | * [http://gforge.hl7.org/gf/project/cbcc/scmsvn/?action=browse&path=%2Ftrunk%2FCDA%2520Implementation%2520Guide%2Fdocs%2FCDAR2_CD_IG%2520_D2_2010MAY.pdf&view=log CDA R2 Implementation Guide for Privacy Consent Directives May 2010] joint with [[Community-Based Collaborative Care]] | ||
+ | |||
+ | |||
+ | ===Joint Vocabulary Alignment Project=== | ||
+ | *[[Record Lifecycle, Security, Privacy, and Provenance Vocabulary Alignment]] | ||
+ | *[[Way with Verbs: Operations Ontology Project]] (Deprecated) | ||
+ | |||
+ | ==='''Joint Projects with ONC and Others'''=== | ||
+ | |||
+ | ==Updates to the FHIR Security Pages per ONC Precision Medicine Initiative and API Privacy and Security Considerations== | ||
+ | *[https://www.healthit.gov/sites/default/files/privacy-security-api.pdf KEY PRIVACY AND SECURITY CONSIDERATIONS FOR HEALTHCARE APPLICATION PROGRAMMING INTERFACES (APIS)] | ||
+ | *[https://beta.healthit.gov/ ONC Role in Precision Medicine Initiative (PMI)] | ||
+ | *[https://beta.healthit.gov/topic/privacy-security-and-hipaa/health-it-privacy-and-security-resources-providers Health IT Privacy and Security Resources for Providers ] | ||
+ | |||
+ | ===[[Consent on FHIR]]=== | ||
+ | Security WG members collaborating on [http://confluence.siframework.org/display/PATCH/The+Patient+Choice+Technical+Project+Homepage ONC Patient Choice Project] Mike Davis, Duane Decouteau, Mohammad Jafari, and Tony Mallia participated in the ONC Patient Choice Basic Consent Pilots at the HL7 Connectathon. Presentations, demonstration, and other material available on this page. | ||
+ | ===[[HIMSS 2017 Patient Choice]]=== | ||
+ | Featuring FHIR Consent and Consent2Share with UMA and Smart on FHIR Authorization Servers, ONC Patient Choice pilots VA and MiHIN join SAMHSA to demonstrate how emerging technologies can protect sensitive patient health information in implementer friendly ways. See this page for HIMSS collateral, vignette, and demonstration links. | ||
+ | [[File:Patient_Choice_on_FHIR_Image.png|400px|thumb|right|HIMSS 2017 Patient Choice on FHIR]] | ||
+ | |||
+ | ==Security Ballot Information== | ||
+ | |||
+ | ==Security Harmonization Information== | ||
+ | *[[July 2018 Harmonization Cycle]] | ||
+ | *[[Security Harmonization Archive]] | ||
+ | |||
+ | =='''[[HL7 Security Video Library]]'''== | ||
+ | [[File:PoF_Icon.png|400px|thumb|right|Privacy on FHIR]] | ||
+ | *[https://www.youtube.com/watch?v=Sj0ZOi1AxhY HL7 Cascading UMA OAuth video - Duane Decouteau] | ||
+ | *[http://va.edmondsci.com:8080/ehtac/sof/ Privacy on FHIR HIMSS 2015 Security Labeling Demo] | ||
+ | *[https://www.youtube.com/watch?v=SKHUdiLcC0w Security Labels for the FHIR Connectathon] | ||
+ | * [https://www.youtube.com/watch?v=4lMG96nmWS0 HIMSS 2013 Interoperability Showcase Demonstrations (DS4P) Using Healthcare Security Labels - eHealth Exchange] | ||
=='''[[HL7 Security Document Library]]'''== | =='''[[HL7 Security Document Library]]'''== | ||
+ | *[http://www.hl7.org/search/viewSearchResult.cfm?search_id=393442&search_result_url=%2Fdocumentcenter%2Fpublic%2Fwg%2Fsecure%2FHL7%20Emergency%20Access%2Edoc Healthcare Requirements for Emergency Access by Mike Davis VA] | ||
+ | *[[Bernd Blobel Presentations at 2017 Madrid WGM and other publications]] | ||
+ | *[[HL7 Policy Advisory Committee: Security, Privacy, Trust, and Provenance Considerations]] | ||
+ | *[[Purpose of Use]] | ||
+ | *[[International and National Security and Privacy Policy and SDO Reports]] | ||
+ | *[[Privacy and Security, Big Data, Provenance and Privacy Reference Materials]] | ||
+ | *[http://www.nist.gov/itl/csd/upload/nist_privacy_engr_objectives_risk_model_discussion_deck.pdf NIST Privacy Engineering Objectives and Risk Model - Discussion Deck Objective-Based Design for Improving Privacy in Information Systems] | ||
+ | *[http://wiki.hl7.org/index.php?title=HL7_Security_Document_Library Jan 2014 WGM Security Education Session Presentations] | ||
+ | *[http://www.hl7.org/Special/committees/secure/docs.cfm Security Educational Tutorial on Wed 26th Sept, 2013 at Cambridge, MA.] | ||
+ | * [http://wiki.hl7.org/index.php?title=HL7_Security_Document_Library Jan 2013 WGM Security Education Session presentations'''] | ||
* [[Security and Privacy Tutorial 2012]] | * [[Security and Privacy Tutorial 2012]] | ||
+ | * [[Security and Privacy mHealth]] | ||
* [[HL7 Security and Privacy Requirements for CDA R3]] | * [[HL7 Security and Privacy Requirements for CDA R3]] | ||
* [[Security & CBCC Work Group Response to Meaningful Use IFR]] | * [[Security & CBCC Work Group Response to Meaningful Use IFR]] | ||
* Issue tracking, releases, documentation available at: [http://hl7projects.hl7.nscee.edu/projects/security/ HL7 Homebase Project] | * Issue tracking, releases, documentation available at: [http://hl7projects.hl7.nscee.edu/projects/security/ HL7 Homebase Project] | ||
* [http://gforge.hl7.org/gf/project/security/ Security G-Forge site] | * [http://gforge.hl7.org/gf/project/security/ Security G-Forge site] | ||
− | * Web page: [http://www.hl7.org/Special/committees/secure/index.cfm Security Working Group Web Page] | + | * HL7 Web page: [http://www.hl7.org/Special/committees/secure/index.cfm Security Working Group Web Page] |
* [[Cookbook for Security Considerations]] - Instructions for HL7 standards authors and workgroup members | * [[Cookbook for Security Considerations]] - Instructions for HL7 standards authors and workgroup members | ||
*Security and Privacy Ontology Project - [http://wiki.hl7.org/index.php?title=Security_and_Privacy_Ontology#Draft_Ontology Weekly updates to the draft Security & Privacy Ontology] | *Security and Privacy Ontology Project - [http://wiki.hl7.org/index.php?title=Security_and_Privacy_Ontology#Draft_Ontology Weekly updates to the draft Security & Privacy Ontology] | ||
+ | * [http://wiki.hl7.org/index.php?title=Role-Based_Access_Control_(RBAC)_Use_Cases RBAC Use Cases] | ||
− | [ | + | =='''Security WG Reference Model Code'''== |
+ | * [https://github.com/ddecouteau/HIMSS2015PrivacyOnFHIR Developed Reference Model code for HIMSS 2015 Privacy on FHIR Demonstration - publicly available] | ||
=='''Action Item List'''== | =='''Action Item List'''== | ||
− | + | ===Tracking List=== | |
− | |||
− | |||
− | |||
− | |||
− |
Latest revision as of 18:49, 26 April 2019
Leadership | Governance | Weekly_Meeting_Information |
Alexander Mense - Program Director Information Management und IT-Security University of Applied Sciences Technikum Wien Kathleen Connor - VHA Security Architecture – Framework Engineering (Book Zurman Inc.) John Moehrke - By-Light Professional IT Services, Inc Trish Williams PhD - Flinders University Christopher Shawn - VHA Security Architecture |
Security Mission & Charter 2017 Security Decision Making Processes 2017 Infrastructure Steering Division Home |
Weekly, Tuesday at 3 pm EST (12 pm PST) Beginning March 28 - Security WG FreeConference web meeting
Call Weekly Call Agenda Links below on this home page. Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes |
Foundation and Technology Steering Division Home Page
Contents
- 1 Security WGM Calendar and Minutes
- 2 Security WG Weekly Meeting Minutes and Agenda
- 3 Archive - Security WG WGM and Weekly Meeting Minutes and Agenda
- 4 Security Project Space
- 4.1 HL7 Security Review and Comment Topics
- 4.1.1 GDPR (General Data Protection Regulation)
- 4.1.2 "Is Privacy Obsolete" Study Group Page"
- 4.1.3 HL7 Kantara and OASIS X-Paradigm Research by Mohammad Jafari
- 4.1.4 ONC Interoperability Standards Advisory 2018 Review and Comment Page
- 4.1.5 ONC Trusted Exchange Common Agreement Framework Comments Page
- 4.1.6 FHIR Bulk Data Transfer Privacy and Security Concerns
- 4.1.7 FHIR Consumer Centered Data Exchange (CCDE) Connectathon
- 4.1.8 HL7 Version 2 Privacy and Security
- 4.2 Archive of HL7 Security Review and Comment Topics
- 4.3 Approved Security WG Projects
- 4.4 Privacy and Security Framework Architecture (PSAF), TF4FA Ballot Reconciliation
- 4.5 PASS Healthcare Audit Services Project
- 4.5.1 HL7 FHIR Security Topics (wiki page)]
- 4.5.2 HL7 Patient Friendly Consent Directive Project
- 4.5.3 Trust Label
- 4.5.4 Security Labeling Service Project Wiki
- 4.5.5 Healthcare Privacy and Security Classification System
- 4.5.6 Security and Privacy Ontology Project Wiki
- 4.5.7 HL7 DS4P CBCC-Security WG Joint Project
- 4.5.8 Joint Vocabulary Alignment Project
- 4.5.9 Joint Projects with ONC and Others
- 4.6 Updates to the FHIR Security Pages per ONC Precision Medicine Initiative and API Privacy and Security Considerations
- 4.7 Security Ballot Information
- 4.8 Security Harmonization Information
- 4.9 HL7 Security Video Library
- 4.10 HL7 Security Document Library
- 4.11 Security WG Reference Model Code
- 4.12 Action Item List
- 4.1 HL7 Security Review and Comment Topics
Security WGM Calendar and Minutes
January 2019 WGM San Antonio
- Confluence January 2019 Security WGM Agenda/Minutes/Attendance - DRAFT
- Wiki January 2019 Security Working Group Meeting Agenda - San Antonio - DRAFT
Previous WGM Links:
- January 2019 Balloting Schedule
- September 2018 Security Working Group Meeting Agenda - Baltimore
- September 2018 Security Working Group Meeting Agenda- Baltimore (DRAFT)
- HL7 September 2018 WGM MINUTES - Baltimore final
Security FHIR Connectathons
Security WG Weekly Meeting Minutes and Agenda
- Security Conference Call, January 8, 2019 Meeting Agenda and Minutes are now located on Confluence!!
- Please do not forget to sign-up for a Confluence Account!!
- Link to request an account for Jira/Confluence, https://confluence.hl7.org/#space-menu-link-content If you have an account for other Work Groups, you do not need to request a new account.
- Calls cancelled for holidays until January 8, 2019
- December 11, 2018 Security Conference Call
- December 4, 2018 Security Conference Call
- November 27, 2018 Security Conference Call
- November 20, 2018 Security Conference Call
- November 13, 2018 Security Conference Call
- November 6, 2018 Security Conference Call
- October 30, 2018 Security Conference Call
- October 23, 2018 Security Conference Call
- October 16, 2018 Security Conference Call
- Calls cancelled to prepare for, attend, and do follow up to September Baltimore WGM Sept 28 - October 5
- September 18, 2018 Security Conference Call
- September 11, 2018 Security Conference Call
- September 4, 2018 Security Conference Call
- August 28, 2018 Security Conference Call
- August 21, 2018 Security Conference Call
- August 14, 2018 Security Conference Call
- August 07, 2018 Security Conference Call
Archive - Security WG WGM and Weekly Meeting Minutes and Agenda
HL7 FHIR Security Calls
Security Project Space
HL7 Security Review and Comment Topics
GDPR (General Data Protection Regulation)
"Is Privacy Obsolete" Study Group Page"
HL7 Kantara and OASIS X-Paradigm Research by Mohammad Jafari
Features papers and blogs were developed to encourage collaborative development across several standards supporting emerging healthcare privacy and security use cases.
ONC Interoperability Standards Advisory 2018 Review and Comment Page
ONC Trusted Exchange Common Agreement Framework Comments Page
- Links for ONC Trusted Exchange Common Agreement Kick Off
- 21st Century Cures Act Trusted Exchange Framework and Common Agreement Public Comment Submission site
- Comments due Aug. 25
FHIR Bulk Data Transfer Privacy and Security Concerns
FHIR Consumer Centered Data Exchange (CCDE) Connectathon
- 201809 Integrated Care Plan, Clinical Decision Support and Consumer Mediated Exchange tracks
- MIHIN June 2018 Consumer Mediated Exchange Connectathon Track 3
- January 2018 New Orleans CCDE Connectathon Track 2
- September 2017 San Diego CCDE Connectathon Track 1
HL7 Version 2 Privacy and Security
Archive of HL7 Security Review and Comment Topics
Approved Security WG Projects
Privacy and Security Framework Architecture (PSAF), TF4FA Ballot Reconciliation
- latest Ballot Reconciliation Sheet
- <<add link>> Ballot Document
PASS Healthcare Audit Services Project
- [<<add link>> Ballot Reconciliation Sheet]
- <<add link>> Ballot Document
HL7 FHIR Security Topics (wiki page)]
HL7 Patient Friendly Consent Directive Project
Trust Label
Security Labeling Service Project Wiki
Healthcare Privacy and Security Classification System
Security and Privacy Ontology Project Wiki
HL7 DS4P CBCC-Security WG Joint Project
- RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc joint with Community-Based Collaborative Care
- CDA R2 Implementation Guide for Privacy Consent Directives May 2010 joint with Community-Based Collaborative Care
Joint Vocabulary Alignment Project
- Record Lifecycle, Security, Privacy, and Provenance Vocabulary Alignment
- Way with Verbs: Operations Ontology Project (Deprecated)
Joint Projects with ONC and Others
Updates to the FHIR Security Pages per ONC Precision Medicine Initiative and API Privacy and Security Considerations
- KEY PRIVACY AND SECURITY CONSIDERATIONS FOR HEALTHCARE APPLICATION PROGRAMMING INTERFACES (APIS)
- ONC Role in Precision Medicine Initiative (PMI)
- Health IT Privacy and Security Resources for Providers
Consent on FHIR
Security WG members collaborating on ONC Patient Choice Project Mike Davis, Duane Decouteau, Mohammad Jafari, and Tony Mallia participated in the ONC Patient Choice Basic Consent Pilots at the HL7 Connectathon. Presentations, demonstration, and other material available on this page.
HIMSS 2017 Patient Choice
Featuring FHIR Consent and Consent2Share with UMA and Smart on FHIR Authorization Servers, ONC Patient Choice pilots VA and MiHIN join SAMHSA to demonstrate how emerging technologies can protect sensitive patient health information in implementer friendly ways. See this page for HIMSS collateral, vignette, and demonstration links.
Security Ballot Information
Security Harmonization Information
HL7 Security Video Library
- HL7 Cascading UMA OAuth video - Duane Decouteau
- Privacy on FHIR HIMSS 2015 Security Labeling Demo
- Security Labels for the FHIR Connectathon
- HIMSS 2013 Interoperability Showcase Demonstrations (DS4P) Using Healthcare Security Labels - eHealth Exchange
HL7 Security Document Library
- Healthcare Requirements for Emergency Access by Mike Davis VA
- Bernd Blobel Presentations at 2017 Madrid WGM and other publications
- HL7 Policy Advisory Committee: Security, Privacy, Trust, and Provenance Considerations
- Purpose of Use
- International and National Security and Privacy Policy and SDO Reports
- Privacy and Security, Big Data, Provenance and Privacy Reference Materials
- NIST Privacy Engineering Objectives and Risk Model - Discussion Deck Objective-Based Design for Improving Privacy in Information Systems
- Jan 2014 WGM Security Education Session Presentations
- Security Educational Tutorial on Wed 26th Sept, 2013 at Cambridge, MA.
- Jan 2013 WGM Security Education Session presentations
- Security and Privacy Tutorial 2012
- Security and Privacy mHealth
- HL7 Security and Privacy Requirements for CDA R3
- Security & CBCC Work Group Response to Meaningful Use IFR
- Issue tracking, releases, documentation available at: HL7 Homebase Project
- Security G-Forge site
- HL7 Web page: Security Working Group Web Page
- Cookbook for Security Considerations - Instructions for HL7 standards authors and workgroup members
- Security and Privacy Ontology Project - Weekly updates to the draft Security & Privacy Ontology
- RBAC Use Cases