Difference between revisions of "October 20, 2015 Security Conference Call"
| Line 83: | Line 83: | ||
==Meeting Minutes DRAFT== | ==Meeting Minutes DRAFT== | ||
| − | |||
| − | '''FHIR | + | Ocotober 13 meeting minutes were unanimously approved |
| − | additional clarification added (see paragraph) | + | |
| + | '''FHIR''' | ||
| + | |||
| + | additional clarification added (see paragraph below) | ||
'' The Security WG will develop guidance regarding use of HL7 Security Standards (e.g. Role and Attribute-based access controls and vocabularies. In addition, the Security WG will work with appropriate external standards organizations to develop appropriate guidance on the use of general purpose security technologies, such as user authentication and authorization, that would aid with the secure and privacy protecting use of FHIR; and guide the FHIR community on the appropriate use of these solutions through the security pages of the FHIR specification, assigned to Security WG by the FMG'' | '' The Security WG will develop guidance regarding use of HL7 Security Standards (e.g. Role and Attribute-based access controls and vocabularies. In addition, the Security WG will work with appropriate external standards organizations to develop appropriate guidance on the use of general purpose security technologies, such as user authentication and authorization, that would aid with the secure and privacy protecting use of FHIR; and guide the FHIR community on the appropriate use of these solutions through the security pages of the FHIR specification, assigned to Security WG by the FMG'' | ||
Revision as of 16:43, 27 October 2015
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Mike DavisSecurity Co-chair | Duane DeCouteau | . | Chris Clark | ||||
| x | John MoehrkeSecurity Co-chair | x | Johnathan Coleman | . | Aaron Seib | |||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | x | Christopher D Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | Dave Silver | ||||
| x | Kathleen Connor | . | Ioana Singureanu | Mohammed Jafari | ||||
| x | Suzanne Gonzales-Webb | Rob Horn | . | Galen Mulrooney | ||||
| x | Diana Proud-Madruga | Ken Rubin | x | William Kinsley | ||||
| x | Rick Grow | x | Paul Knapp | x | Glen Marshall, SRS | |||
| . | Debbie Bucci | x | Bill Kleinebecker | Chris Shawn | ||||
| Oliver Lawless | Rob Horn | Serafina Versaggi | ||||||
| Beth Pumo | Russell McDonell | x | [mailto: Paul Petronelli ], Mobile Health | |||||
| [mailto: Christopher Doss] | [mailto: ] | [mailto: ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve October 13 Meeting Minutes
- ( 5 min) Comments on ONC Draft Interoperability Standards Advisory - Kathleen
- PSS Healthcare Security and Privacy Access Control Catalog and NIB
- FHIR PSS for Security http://gforge.hl7.org/gf/project/security/docman/Security%20FHIR/
- Value Set improvements - Kathleen
- Re-approve FHIR Framework (paragraph being added
- FHIR Versioning and FHIR AuditEvent - Paul Knapp to present.
- FHIRframe Discussion
- ( 5 min) PASS Access Control Conceptual Model (SOA) Update - Diana, Don Jorgenson, Mike, Dave
- ( 5 min) Joint Vocabulary Alignment Update - Diana
- ( 35 min) FHIR Security report out - John
Meeting Minutes DRAFT
Ocotober 13 meeting minutes were unanimously approved
FHIR
additional clarification added (see paragraph below)
The Security WG will develop guidance regarding use of HL7 Security Standards (e.g. Role and Attribute-based access controls and vocabularies. In addition, the Security WG will work with appropriate external standards organizations to develop appropriate guidance on the use of general purpose security technologies, such as user authentication and authorization, that would aid with the secure and privacy protecting use of FHIR; and guide the FHIR community on the appropriate use of these solutions through the security pages of the FHIR specification, assigned to Security WG by the FMG
MOTION made to add the clarification (John/Glen)
Objections: none; Abstentions: none Motion passes 11/0/0
Healthcare Security and Privacy Discussed during the WGM and agreed to go forward with the project which wil include the rBAC work (which was coming up for re-ballot' include the RBAC vocabulary and include security delegated vocabulary (OAuth) and will capture some data for Relationship-based Access Control (ReBAC) which is the same vocabulary
This Sunday - Lynn has taken the previous Project identifier and has put it into the system and we need to approve the NIB so that we can proceed with the January 2016 ballot
- follow on activity to ensue
(Suzanne/Glen) motion made to proceed forward with January 2016 ballot NIB objections: none; abstentions: none approved: 11/0/0
