Difference between revisions of "HL7 FHIR security topics"

Project ID 1209

• FHIR disposition link on gForge for review/discussion (ongoing weekly agenda item)

Export from Gforge Security Open

Wiki

• 3318 Clarify how to use RBAC and ABAC using FHIR ()
• 5525 Consent Directive does not appear to be aligned with the 80% ()
• 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set ()
• 7563 2015May core #854 - Expand on how to use Provenance ()
• 7567 2015May core #858 - Provenance isn't sufficiently aligned with w3c spec ()
• 7568 2015May core #859 - How are agent and activity linked? ()
• 7569 2015May core #860 - Clarify relationship agents and entities used in activity ()
• 7570 2015May core #861 - Clarify relationship agents and entities used in activity ()
• 7597 2015May core #888 - This resource is missing any reference to the "action" performed on the entity. Is there a default "create" action or is it an omission? ()
• 7598 2015May core #889 - Can Provenance apply to a resource or just a data element ()
• 8638 how does Provenance work when deleting records ()
• 8731 Canonicalization for signatures ()
• 8738 Unapplied QA changes around security and services ()
• 8790 Give guidance on AuditEvent that codes don't need DisplayName populated ()
• 8803 Provenance for a subset of a resource ()
• 8827 Signature datatype does not include counter-signature type ()

Other

• Security pages
  • Including guidance on Authentication and Authorization
  • Security Labels Page
    • including meta tag use for security labels
• Signature Data Type

Provenance Resource

• Address outstanding Provenance CPs from January 2015 FHIR Ballot mistakenly assigned to FHIR Infrastructure
• Including signature use within Provenance
• Provenance.activity value-set needs to be enlarged with existing vocabulary, and discussion around if it should be marked as Extensible.
• Provenance.entity.role unclear how each vocabulary item should be used.
  • how is derivation to be used?
  • how is revision to be used, other than the duplicate indication that would be in Provenance.activity.
• Provenance.reason binding only to the PurposeOfUse is not granular. Seems there should be a more clear distinction between reason and activity. question on why this is Extensible
• show how a resource and provenance would look as that resource transitions through lifecycle. In this way one would be able to find each step of the lifecycle, by way of version; and the provenance statement by way of the pointer to that version specific.
• Detailed work plan and notes HL7 FHIR Provenance Resource

AuditEvent Resource

• Address outstanding AuditEvent CPs from January 2015 FHIR Ballot mistakenly assigned to FHIR Infrastructure
  • harmonize the structure, element names, and vocabulary as much as possible with Provenance.
  • document use cases for interoperable FHIR AuditEvent - e.g., federated system with central AuditEvent Service - intra- and inter-enterprise.
  • address the thought experiment of why do we have both Provenance and AuditEvent. (motivation vs consequence) (medical records vs security surveillance)
    • See http://hl7-fhir.github.io/auditevent-mappings.html#w3c.prov
    • See http://hl7-fhir.github.io/auditevent-mappings.html#fhirprovenance
    • See http://hl7-fhir.github.io/provenance-mappings.html#w3c.prov
    • See http://hl7-fhir.github.io/provenance-mappings.html#fhirauditevent
    • See http://hl7-fhir.github.io/w5
  • Who records Provenance vs AuditEvent; what are the various architectures. The important point is to assure that the architecture chosen doesn't miss information.
• and various other things concerning Security -- Risks to Confidentiality, Integrity, and Availability.
• also interested in
  • W5
  • Privacy Consent as a profile on Contract