This wiki has undergone a migration to Confluence found Here
Difference between revisions of "February 23, 2016 Security Conference Call"
Jump to navigation
Jump to search
| Line 62: | Line 62: | ||
==Agenda '''DRAFT'''== | ==Agenda '''DRAFT'''== | ||
# ''( 5 min)'' '''Roll Call, Agenda Approval''' | # ''( 5 min)'' '''Roll Call, Agenda Approval''' | ||
| − | # ''( 5 min)'' ''' | + | # ''( 5 min)'' '''[http://wiki.hl7.org/index.php?title=February_16,_2016_Security_Conference_Call February 16, 2016 Security WG Conference Call Minutes] |
| − | # ''( 30 min)'' '''March 2016 Security WG Final Harmonization Proposals''' | + | # ''( 30 min)'' '''March 2016 Security WG Final Harmonization Proposals''' Approved |
#*[http://gforge.hl7.org/gf/download/docmanfileversion/9068/13951/March%202016%20VOC_SEC_kathleen_connor%20Changes%20to%20ActConsentDirective.SecurityCategoryObservationValue%20value%20set.doc Changes to SecurityCategoryObservationValue consent directive codes] | #*[http://gforge.hl7.org/gf/download/docmanfileversion/9068/13951/March%202016%20VOC_SEC_kathleen_connor%20Changes%20to%20ActConsentDirective.SecurityCategoryObservationValue%20value%20set.doc Changes to SecurityCategoryObservationValue consent directive codes] | ||
| + | -Completed technical review, fixing the U.S. Privacy login and add to code system | ||
| + | -Using set of codes to apply any patient preference to apply to policy | ||
#*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Add%20ActUSPrivacyLaw%20to%20v-SECCATOBV_20160207190846.doc Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue] | #*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Add%20ActUSPrivacyLaw%20to%20v-SECCATOBV_20160207190846.doc Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue] | ||
| + | - Esures inclusion of Privacy Laws | ||
| + | - International set to include exchange of information protection of privacy laws | ||
#*[http://gforge.hl7.org/gf/download/docmanfileversion/9065/13948/March%202016%20VOC_SEC_kathleen_connor%20New%20Obligation%20Codes.doc New Obligation Codes] | #*[http://gforge.hl7.org/gf/download/docmanfileversion/9065/13948/March%202016%20VOC_SEC_kathleen_connor%20New%20Obligation%20Codes.doc New Obligation Codes] | ||
| − | #*[http://gforge.hl7.org/gf/download/docmanfileversion/9067/13950/March%202016%20VOC_SEC_kathleen_connor%20Augment%20ProvenanceEvent%20ValueSet.doc Augment ProvenanceEvent Vocabulary] | + | - Adding new obligations using security labeling |
| − | # ''( 5 min)'' ''' Privacy and Security by Design PSS discussion''' | + | -Security Labeling is to notify recipient what to do classify and de-classify |
| + | -Establishes the rules how to deal with security labels and to keep track of provenance | ||
| + | #*[http://gforge.hl7.org/gf/download/docmanfileversion/9067/13950/March%202016%20VOC_SEC_kathleen_connor%20Augment%20ProvenanceEvent%20ValueSet.doc Augment ProvenanceEvent Vocabulary] | ||
| + | - Adding codes from Security and Privacy anthology | ||
| + | # ''( 5 min)'' ''' Privacy and Security by Design PSS discussion''' - John | ||
| + | - attending Architecture review board meeting | ||
| + | -to submit detailed report after meeting ARB | ||
# ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana | # ''( 5 min)'' '''Joint Vocabulary Alignment Update''' - Diana | ||
| + | -Shared at CBCC call | ||
| + | - Reviewed life cycle names, and made adjustment to reduce confusion and ambiguity of names | ||
| + | - life cycle events in 2889 and FHIR life cycle events | ||
| + | - Audit events life cycles Diacom events | ||
| + | - Q: Can we use Prolonged PM life cycle events on 2889? | ||
| + | - A: We can add but we can’t replace. CB’s are to be added to vocab | ||
# ''( 5 min)'' '''FHIR Security '''report out - John | # ''( 5 min)'' '''FHIR Security '''report out - John | ||
| + | - CBCC-Vocab Alignment between life cycle events between Security and Provenance | ||
| + | -Activities: | ||
| + | - the Verb that is being defined tabbed into the model, and output function | ||
| + | - it generates content by the output functions | ||
| + | - Content was successfully generated by the output function | ||
| + | |||
# ''( 5 min)'' '''PASS Audit Conceptual Model – Diana | # ''( 5 min)'' '''PASS Audit Conceptual Model – Diana | ||
# FYI: Call for papers for Provenance Week 2016 being held in WashingtonDC in June 2016. http://www2.mitre.org/public/provenance2016/index.html | # FYI: Call for papers for Provenance Week 2016 being held in WashingtonDC in June 2016. http://www2.mitre.org/public/provenance2016/index.html | ||
| − | |||
Note that there will be a FHIR Security call at 2pm PT/5pm ET | Note that there will be a FHIR Security call at 2pm PT/5pm ET | ||
See agenda at [http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2016-26-05 FHIR Security Agenda] | See agenda at [http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2016-26-05 FHIR Security Agenda] | ||
| − | = Minutes = | + | = Minutes = Approved |
| − | # Consensus Approval of February | + | # Consensus Approval of February 23 |
| − | # | + | # Reviewed and approved final harmonization proposals |
#*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Change%20ActConsentDirective,%20ActConsentType%20vocab_20160207190712.doc Changes to SecurityCategoryObservationValue consent directive codes] | #*[http://www.hl7.org/documentcenter/public/harmonization/2016Mar/initial/2016Mar_HARM_INITIALPROPOSAL_VOCAB_SECURE_kathleen_connor_Change%20ActConsentDirective,%20ActConsentType%20vocab_20160207190712.doc Changes to SecurityCategoryObservationValue consent directive codes] | ||
#** consolidation of consent directive codes into one code system | #** consolidation of consent directive codes into one code system | ||
Latest revision as of 12:17, 29 February 2016
Back to Security Work Group Main Page
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
| x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Dave Silver | |||
| x | Mike Davis | . | Ioana Singureanu | x | Mohammed Jafari | |||
| x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
| x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
| x | Rick Grow | . | Paul Knapp | . | Debbie Bucci | |||
| x | Glen Marshall, SRS | . | Bill Kleinebecker | x | Christopher Shawn | |||
| . | Oliver Lawless | x | Mayada Abdulmannan | . | Serafina Versaggi | |||
| x | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
| . | Christopher Doss | x | Kamalini Vaidya | . | [mailto: Stephanie Dyke ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) February 16, 2016 Security WG Conference Call Minutes
- ( 30 min) March 2016 Security WG Final Harmonization Proposals Approved
-Completed technical review, fixing the U.S. Privacy login and add to code system -Using set of codes to apply any patient preference to apply to policy
- Esures inclusion of Privacy Laws - International set to include exchange of information protection of privacy laws
- Adding new obligations using security labeling -Security Labeling is to notify recipient what to do classify and de-classify -Establishes the rules how to deal with security labels and to keep track of provenance
- Adding codes from Security and Privacy anthology
- ( 5 min) Privacy and Security by Design PSS discussion - John
- attending Architecture review board meeting -to submit detailed report after meeting ARB
- ( 5 min) Joint Vocabulary Alignment Update - Diana
-Shared at CBCC call - Reviewed life cycle names, and made adjustment to reduce confusion and ambiguity of names - life cycle events in 2889 and FHIR life cycle events - Audit events life cycles Diacom events - Q: Can we use Prolonged PM life cycle events on 2889?
- A: We can add but we can’t replace. CB’s are to be added to vocab
- ( 5 min) FHIR Security report out - John
- CBCC-Vocab Alignment between life cycle events between Security and Provenance -Activities: - the Verb that is being defined tabbed into the model, and output function - it generates content by the output functions - Content was successfully generated by the output function
- ( 5 min) PASS Audit Conceptual Model – Diana
- FYI: Call for papers for Provenance Week 2016 being held in WashingtonDC in June 2016. http://www2.mitre.org/public/provenance2016/index.html
Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda
= Minutes = Approved
- Consensus Approval of February 23
- Reviewed and approved final harmonization proposals
- Changes to SecurityCategoryObservationValue consent directive codes
- consolidation of consent directive codes into one code system
- Add ActUSPrivacyLaw to v:SecurityCategoryObservationValue
- valueset to hold realm specific codes from all realms
- New Obligation Codes
- new obligation codes
- discussion that these are composable codes, and it is not clear how to use composable codes in the HL7 systems we have today that can only communicate a list of codes.
- Augment ProvenanceEvent Vocabulary
- Motion to submit to Harmonization with the understanding that further refinement: Kathleen/Glen: 0-0-14
- Changes to SecurityCategoryObservationValue consent directive codes
- EHR Lifecycle Discussion
MOTION made to approve the presented version: (Approved, need counts)
Privacy and Security by Design PSS discussion
- ARB is meeting tomorrow to discuss the PSS, Rick Grow will be in attendance for the discussion
- update to the PSS will be provided next week
