This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 13, 2012 Security Working Group Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(8 intermediate revisions by one other user not shown)
Line 1: Line 1:
=Security Working Group Meeting=
 
[[Security| Meeting Information]]
 
[[Security|Back to Security Main Page]]
 
==Attendees==
 
*[mailto:bill.braithwaite@equifax.com Bill Braithwaite]
 
*[mailto:jcarter@apelon.com John Carter]
 
*[mailto:Kathleen_Connor@comcast.net Kathleen Connor]
 
*[mailto:mike.davis@va.gov Mike Davis] Security Cochair
 
*[mailto:ddecouteau@edmondsci.com Duane DeCouteau]
 
*[mailto:rdgelzer@docintegrity.com Reed D. Gelzer]
 
*[mailto:sgonzales-webb@drc.com Suzanne Gonzales-Webb] CBCC Cochair
 
*[mailto:robert.horn@agfa.com Rob Horn]
 
*[mailto:ajames@drc.com Adrienne James]
 
*[mailto:jim.kretz@samhsa.hhs.gov Jim Kretz]
 
*[mailto:ted.lesueur.com Ted Lesueur]
 
*[mailto:john.moehrke@med.ge.com John Moehrke] Security Cochair
 
*[mailto:milan.petkovic@phillips.com Milan Petkovic]
 
*[mailto:palm@palmcorp.com Paul L Petronelli]
 
*[mailto:ppyette@perimind.com Patrick Pyette]
 
*[mailto:Harry.Rhodes@ahima.org Harry Rhodes]
 
*[mailto:arnie@mitre.org Arnie Rosenthal]
 
*[mailto:kenneth.salyards@samhsa.hhs.gov Ken Salyards]
 
*[mailto:jennifer.t.sisto@accenture.com Jennifer T. Sisto]
 
*[mailto:richard.thoreson@samhsa.hhs.gov Richard Thoreson] CBCC Cochair
 
*[mailto:Serafina.Versaggi@gmail.com Serafina Versaggi]
 
*[mailto:weida@apelon.com Tony Weida]
 
*[mailto:trish.williams@ecu.edu.au Trish Williams] Security Cochair
 
 
[[Security|Back to Security Main Page]]
 
[[Security|Back to Security Main Page]]
 
==Agenda==
 
==Agenda==
Line 35: Line 8:
 
#''(05 min)'' '''Other Business, Agenda for Next call, Action Items, and Wrap Up
 
#''(05 min)'' '''Other Business, Agenda for Next call, Action Items, and Wrap Up
 
==Minutes==
 
==Minutes==
*RE:  Approval of Minutes and Agenda – Presiding Cochair, Mike Davis, asked for approval of the minutes and agenda.  XXX moved; YYY seconded.  Minutes and agenda approved (0-0-7)
+
*RE:  Approval of Minutes and Agenda – Presiding Cochair, Mike Davis, asked for approval of the minutes and agenda.  Richard Thoreson moved; John Moehrke seconded.  Minutes and agenda approved (0-0-6)
*RE:  '''S&P Ontology Ballot Update''' - Tony Weida is back and will be working with the group on the Ontology release. The notice of intent to ballot was submitted for January. We found that there was an un-reconciled set of comments from May that have to be resolved by this Sunday. Those comments must be resolved.  The recommendation is that since there is an active ballot with HCS and other work going to ballot in January, we can withdraw the ontology from the current cycle and submit it for May. John Carter is okay with this decision.   
+
*RE:  '''S&P Ontology Ballot Update'''
 +
**Due to time limitations to complete reconciliation for May 2012 ballot and notify negative votes about dispositions for the May 2011 ballot, SWG agreed to withdraw the ballot and resubmit for May 2012. John Moehrke moved that the Ontology NIB be withdrawn for January 2013, and deferred until May 2013; Richard Thoreson secondedMotion carried (0-0-6)
 
**Note from Don Lloyd to SWG Cochairs:  May 2011 ballot –Recon SS was posted; however, negative voters were not notified.  Also, while the May 2012 ballot was a Comment Only ballot, it would be appreciated if the WG would post a spreadsheet and notify voters.
 
**Note from Don Lloyd to SWG Cochairs:  May 2011 ballot –Recon SS was posted; however, negative voters were not notified.  Also, while the May 2012 ballot was a Comment Only ballot, it would be appreciated if the WG would post a spreadsheet and notify voters.
*'''Motion to Remove Ontology from the January Ballot'''
+
*RE:  '''HCS Ballot Update''' Mike discussed updates to the ballot materialBallot material will be submitted by Sunday, Nov. 18th.
**Mike Davis moved to remove ontology from the January ballot and resubmit it for the May ballot. That motion was second by Richard Thoreson. The motion passedThe NIB will be withdrawn by Kathleen. There will not be a discussion on ontology every week. The group will reconcile the comments and meet every other week and see how that goes. Meetings will happen every week or as needed.
+
*RE:  '''November SWG Harmonization Report''' – Kathleen reported that the SWG proposals were approved during the Nov. Harmonization meeting.
*RE:  '''HCS Ballot Update''' - The NIB has been submitted. The content must be submitted by Sunday. The intent is to submit a more reduced content than what was submitted before. The Table 1 listed on page 5 with the different categories of the different labels. The table also has some proposed vocabulary but we will be removed those so that the normative is just the labels themselves. We will do the conformance specification in terms of the vocabulary. We will have an example that uses the HL7 vocabulary as a non-normative but as an example of the classification system. We have some material on integrity that is more descriptive. We will move the vocabulary out as a normative but more as a conformance statement. We will have the word document to review for the next meeting.  Hopefully the next version will be more open to receiving comments. 
+
*RE:  '''Consent Directive CDA Update for DS4P and Security Label Template'''  From proposed Nov. 13 CBCC Call Agenda: Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling to meet the following requirements:
*RE:  '''November SWG Harmonization Report'''- There are links listed on the Security Wiki page to the vocabulary that were approved. The celebrity code was changed to VIP. The code that was missed last time has been updated.  We worked through the observation categories and it was approved. The proposal is here and Kathleen had to restructure it so that that the rational was separate. There is a pretty uniform approach throughout the document. There is a tag set (i.e. code system) where you chose the value that you will put in the field to populate your label. Kathleen will pull out the pieces that are salient for business users versus the pieces that you see when looking at a proposal to provide a copy for the HCS.  
 
*RE:  '''Consent Directive CDA Update for DS4P and Security Label Template'''  From proposed Nov. 13 CBCC Call Agenda: Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling  
 
 
**Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information  
 
**Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information  
 
**Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label  
 
**Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label  
 
*RE:  Other Business, Agenda for Next call, Action Items, and Wrap Up
 
*RE:  Other Business, Agenda for Next call, Action Items, and Wrap Up
 
Meeting adjourned at 2:00 PM Eastern
 
Meeting adjourned at 2:00 PM Eastern
 
 
==Action Items==
 
==Action Items==
*RE:
+
*RE: John and Kathleen to work with HL7 HQ to withdraw Ontology NIB>
*RE:
+
*RE: HCS ballot submission by Nov.18.
 
==Reference Material from Call==
 
==Reference Material from Call==
 
*[http://gforge.hl7.org/gf/download/docmanfileversion/7066/9856/2012Nov_HARM_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_SecurityObservationVocabulary_forSWG.doc Security Observation Vocabulary Final Nov. 2012 Harmonization Proposal]
 
*[http://gforge.hl7.org/gf/download/docmanfileversion/7066/9856/2012Nov_HARM_FINALPROPOSAL_VOCAB_SECURE_kathleen_connor_SecurityObservationVocabulary_forSWG.doc Security Observation Vocabulary Final Nov. 2012 Harmonization Proposal]

Latest revision as of 04:03, 19 November 2012

Back to Security Main Page

Agenda

  1. (05 min) Roll Call, Approve November 6, 2012 Security Working Group Conference Call November 6, 2012 Security Working Group Conference Call Minutes & Accept Agenda
  2. (10 min) S&P Ontology Ballot Update – Mike Davis and John Carter
  3. (15 min) HCS Ballot Update - Mike Davis
  4. (10 min) November SWG Harmonization Report – Kathleen Connor
  5. (15 min) Consent Directive CDA Update for DS4P and Security Label Template – Group
  6. (05 min) Other Business, Agenda for Next call, Action Items, and Wrap Up

Minutes

  • RE: Approval of Minutes and Agenda – Presiding Cochair, Mike Davis, asked for approval of the minutes and agenda. Richard Thoreson moved; John Moehrke seconded. Minutes and agenda approved (0-0-6)
  • RE: S&P Ontology Ballot Update
    • Due to time limitations to complete reconciliation for May 2012 ballot and notify negative votes about dispositions for the May 2011 ballot, SWG agreed to withdraw the ballot and resubmit for May 2012. John Moehrke moved that the Ontology NIB be withdrawn for January 2013, and deferred until May 2013; Richard Thoreson seconded. Motion carried (0-0-6)
    • Note from Don Lloyd to SWG Cochairs: May 2011 ballot –Recon SS was posted; however, negative voters were not notified. Also, while the May 2012 ballot was a Comment Only ballot, it would be appreciated if the WG would post a spreadsheet and notify voters.
  • RE: HCS Ballot Update – Mike discussed updates to the ballot material. Ballot material will be submitted by Sunday, Nov. 18th.
  • RE: November SWG Harmonization Report – Kathleen reported that the SWG proposals were approved during the Nov. Harmonization meeting.
  • RE: Consent Directive CDA Update for DS4P and Security Label Template From proposed Nov. 13 CBCC Call Agenda: Proposed changes to CDAr2 Implementation Guide for Consent Directives based on lessons-learned from ONC S&I Framework DS4P Initiative (Data Segmentation for Privacy) and new Health Care Classification Scheme project related to Security Labeling to meet the following requirements:
    • Ensure that specific information (e.g., a specific substance abuse encounter to diagnosis and treat HIV related to substance abuse) can be specified as a “redacted” or “masked” segment of health information
    • Enable metadata tagging of general and specific PHI “sequestered” by a CDA Consent Directive with security label fields (using HL7 SecurityObservationVocabulary to indicate confidentiality, sensitivity, handling caveats, and integrity) so that custodians and receivers can enforce access control based on the security label
  • RE: Other Business, Agenda for Next call, Action Items, and Wrap Up

Meeting adjourned at 2:00 PM Eastern

Action Items

  • RE: John and Kathleen to work with HL7 HQ to withdraw Ontology NIB>
  • RE: HCS ballot submission by Nov.18.

Reference Material from Call

Back to Security Main Page

Retrieved from "https://wiki.hl7.org/w/index.php?title=November_13,_2012_Security_Working_Group_Conference_Call&oldid=67901"