Difference between revisions of "HL7 FHIR Security 2016-2-02"
(→Agenda) |
|||
| Line 43: | Line 43: | ||
==Agenda== | ==Agenda== | ||
| − | |||
| − | Implement the following changes per CP | + | |
| + | Implement the following changes per 2 new CPs | ||
| + | |||
| + | *CP 1: Align AuditEvent and Provenance action/activity element name and definition. Recommend changing to "activity". | ||
[http://hl7-fhir.github.io/auditevent-definitions.html#AuditEvent.action AuditEvent.action [Change to ''AuditEvent.activity''] | [http://hl7-fhir.github.io/auditevent-definitions.html#AuditEvent.action AuditEvent.action [Change to ''AuditEvent.activity''] | ||
| − | Question | + | Question: What to do with the definitional differences - e.g., possibly combine. |
| − | Definition: Indicator for type of action [''Change to "activity".''] performed during the event that generated the audit. | + | [http://hl7-fhir.github.io/auditevent-definitions.html#AuditEvent.action Current AuditEven.action Definition]: Indicator for type of action [''Change to "activity".''] performed during the event that generated the audit. |
Control 0..1 | Control 0..1 | ||
Binding AuditEventAction: Indicator for type of action[''Change to "activity".''] performed during the event that generated the audit. (Required) | Binding AuditEventAction: Indicator for type of action[''Change to "activity".''] performed during the event that generated the audit. (Required) | ||
| Line 61: | Line 63: | ||
Binding ProvenanceEventCurrentState: The activity that took place. (Extensible) | Binding ProvenanceEventCurrentState: The activity that took place. (Extensible) | ||
Type Coding | Type Coding | ||
| − | + | ||
| + | *CP 2: Add to [http://hl7-fhir.github.io/provenance.html Provenance Resource] a new Provenance.entity.lifecycle element to align with [http://hl7-fhir.github.io/auditevent.html Audit.entity.lifecycle]. | ||
| + | [http://hl7-fhir.github.io/auditevent-definitions.html#AuditEvent.entity.lifecycle Current Audit.entity.lifecycle Definition] | ||
| + | Identifier for the data life-cycle stage for the entity. | ||
| + | Control 0..1 | ||
| + | Binding AuditEventObjectLifecycle: Identifier for the data life-cycle stage for the object. (Extensible) | ||
| + | Type Coding | ||
| + | Requirements | ||
| + | Institutional policies for privacy and security may optionally fall under different accountability rules based on data life cycle. This provides a differentiating value for those cases. Comments | ||
| + | This can be used to provide an audit trail for data, over time, as it passes through the system." | ||
| + | Possible Provenance.entity.lifecycle would be the same as the Audit.entity.lifecycle. | ||
| + | |||
==Minutes== | ==Minutes== | ||
*Kathleen cochaired. | *Kathleen cochaired. | ||
Revision as of 19:58, 3 February 2016
Contents
Call Logistics
Weekly: Tuesday at 05:00 EST (2 PM PST)
Conference Audio: 770-657-9270,' Access: 845692
Join online meeting: https://meet.RTC.VA.GOV/suzanne.gonzales-webb/67LLFDYV
If you are having difficulty joining, please try:
https://global.gotomeeting.com/join/520841173
Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
| Member Name | Member Name | Member Name | ||||||
|---|---|---|---|---|---|---|---|---|
| John Moehrke Security Co-Chair | x | Kathleen Connor Security Co-Chair | Suzanne Gonzales-Webb CBCC Co-Chair | |||||
| Gary Dickinson EHR Co-Chair | Johnathan ColemanCBCC Co-Chair | Mike Davis | ||||||
| Reed Gelzer RM-ES Lead | x | Glen Marshal | Galen Mulrooney | |||||
| Dave Silver | x | Rob Horn | Judy Fincher | |||||
| Diana Proud-Madruga | [mailto:] | [mailto:] |
Agenda
Implement the following changes per 2 new CPs
- CP 1: Align AuditEvent and Provenance action/activity element name and definition. Recommend changing to "activity".
AuditEvent.action [Change to AuditEvent.activity
Question: What to do with the definitional differences - e.g., possibly combine. Current AuditEven.action Definition: Indicator for type of action [Change to "activity".] performed during the event that generated the audit. Control 0..1 Binding AuditEventAction: Indicator for type of action[Change to "activity".] performed during the event that generated the audit. (Required) Type code Requirements This broadly indicates what kind of action [Change to "activity".] was done on the AuditEvent.entity by the AuditEvent.agent.
Definition: An activity is something that occurs over a period of time and acts upon or with entities; it may include consuming, processing, transforming, modifying, relocating, using, or generating entities. Control 0..1 Binding ProvenanceEventCurrentState: The activity that took place. (Extensible) Type Coding
- CP 2: Add to Provenance Resource a new Provenance.entity.lifecycle element to align with Audit.entity.lifecycle.
Current Audit.entity.lifecycle Definition Identifier for the data life-cycle stage for the entity. Control 0..1 Binding AuditEventObjectLifecycle: Identifier for the data life-cycle stage for the object. (Extensible) Type Coding Requirements Institutional policies for privacy and security may optionally fall under different accountability rules based on data life cycle. This provides a differentiating value for those cases. Comments This can be used to provide an audit trail for data, over time, as it passes through the system." Possible Provenance.entity.lifecycle would be the same as the Audit.entity.lifecycle.
Minutes
- Kathleen cochaired.
- After a quick review of the agenda, participants decided to defer discussion until John Moehrke, the Security FHIR Facilitator, is able to join.
- Kathleen submitted CP 9407 on this topic.
- Call adjourned early.
- Add Provenance.entity.lifecycle to align with Audit.entity.lifecycle.
Identifier for the data life-cycle stage for the entity. Control 0..1 Binding AuditEventObjectLifecycle: Identifier for the data life-cycle stage for the object. (Extensible) Type Coding Requirements Institutional policies for privacy and security may optionally fall under different accountability rules based on data life cycle. This provides a differentiating value for those cases. Comments This can be used to provide an audit trail for data, over time, as it passes through the system." Possible Provenance.entity.lifecycle would be the same as the Audit.entity.lifecycle.
