Difference between revisions of "July 12, 2016 Security Conference Call"
| Line 83: | Line 83: | ||
* Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzane) | * Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzane) | ||
* Update on the PSAF Security Policy model - Mike, Dave | * Update on the PSAF Security Policy model - Mike, Dave | ||
| − | - Dave Sliver, | + | - Presentation was shared during the call: |
| + | - Dave Sliver, Chris Shawn, and Mike Davis continued work on PSAF | ||
- Main Level includes Privacy Security material beginning with High level Trust Framework Policy | - Main Level includes Privacy Security material beginning with High level Trust Framework Policy | ||
- This Expand trust framework introducing trust policies, level assurance, trust certificates, and remainder modeling | - This Expand trust framework introducing trust policies, level assurance, trust certificates, and remainder modeling | ||
| + | -Input Policies are dependent on Harmonization policy | ||
| + | -Trust Framework would establish the elements of Trust supported by the contract | ||
- Could have two or more Domain names, each domain would have its own set of policies | - Could have two or more Domain names, each domain would have its own set of policies | ||
| − | - Through Trust | + | - Through Trust Framework there is a harmonization between each Domain |
- | - | ||
* Standards Privacy Impact Assessment Cookbook - Rick | * Standards Privacy Impact Assessment Cookbook - Rick | ||
| + | - The PSS was approved the TFC | ||
| + | - Updating document Ballot based on comments from SW and CBCC | ||
| + | - Document will be send out to both groups to review and comment and send back by Thursday COB | ||
| + | - New comments will be incorporated to send out by Sunday Deadline to HL7 | ||
| + | |||
* PASS Access Control Services Conceptual Model - Diana | * PASS Access Control Services Conceptual Model - Diana | ||
| + | - Completed all updates | ||
| + | - reviewing doc | ||
| + | - Expect to complete at the end of the week, will send out for final review to group | ||
| + | - Obtain final confirmation from Barrett to withdraw negative vote | ||
| + | -seeking to seeking publication by the end of July | ||
| + | |||
* PASS Audit Conceptual Model – Diana | * PASS Audit Conceptual Model – Diana | ||
| + | - We have meetings on Wednesdays | ||
| + | - Sent out Meeting invite to SOA, CBCC, and Security list serve | ||
| + | - Set up a wiki site and in process of loading supporting docs in wiki and Gforge | ||
| + | - Ken Ruben (SOA) sent out email to cochairs on cloud Survey | ||
| + | |||
* HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information | * HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information | ||
| − | + | ||
| + | Kathleen/Blockchain: | ||
| + | - We've been following different Trust Framework | ||
| + | - We have a Wiki page with the list of Trust Framework and efforts on Blockchain | ||
| + | - ONC sent out a challenge/White Paper for Blockchain with implications on Health | ||
| + | - New Kantara looking at usecases related to Health and Trust | ||
| + | - New effort on patience owning data control | ||
| + | - Smart contracts to enable health care consumers negotiating consent with providers and none covered entities | ||
| + | - Canada has a group that developed tools for Canadians to obtain info from different entities based | ||
| + | - Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access | ||
| + | - David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement | ||
| + | - Mike Davis Comments: It is a Providence approach, and would like to see how FHIR would be factored in the approach. | ||
| + | - It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. | ||
| + | - All Participants are responsible in the sharing of Data integrity | ||
| + | - No one can change the record without all the approval of all stakeholders | ||
| + | - John's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain. | ||
Revision as of 17:50, 19 July 2016
Back to Security Work Group Main Page
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | ||||
| X | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
| . | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | . | Dave Silver | |||
| x | Mike Davis | . | Ioana Singureanu | X | Mohammed Jafari | |||
| x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
| x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
| . | Rick Grow | . | Paul Knapp | . | Mayada Abdulmannan | |||
| x | Glen Marshall, SRS | . | Bill Kleinebecker | . | Christopher Shawn | |||
| . | Oliver Lawless | x | Grahame Grieve | . | Serafina Versaggi | |||
| . | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
| . | Christopher Doss | . | Kamalini Vaidya | . | [mailto: TBD ] |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (3 min) Approve Security WG June 28, 2016 Minutes
- (10 min) Update on the PSAF Security Policy model - Mike
- (5 min) Standards Privacy Impact Assessment Cookbook - Rick
- (5 min) PASS Access Control Services Conceptual Model - Diana
- (5 min) PASS Audit Conceptual Model – Diana
- (10 min) HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
- (2 min) Action Items, next call agenda, adjournment
Note that there will be a FHIR Security call at 5pm ET See agenda at FHIR Security Agenda
Minutes
- Chaired by John
-
- Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzane)
- Update on the PSAF Security Policy model - Mike, Dave
- Presentation was shared during the call: - Dave Sliver, Chris Shawn, and Mike Davis continued work on PSAF - Main Level includes Privacy Security material beginning with High level Trust Framework Policy - This Expand trust framework introducing trust policies, level assurance, trust certificates, and remainder modeling -Input Policies are dependent on Harmonization policy -Trust Framework would establish the elements of Trust supported by the contract - Could have two or more Domain names, each domain would have its own set of policies - Through Trust Framework there is a harmonization between each Domain -
- Standards Privacy Impact Assessment Cookbook - Rick
- The PSS was approved the TFC - Updating document Ballot based on comments from SW and CBCC - Document will be send out to both groups to review and comment and send back by Thursday COB - New comments will be incorporated to send out by Sunday Deadline to HL7
- PASS Access Control Services Conceptual Model - Diana
- Completed all updates - reviewing doc - Expect to complete at the end of the week, will send out for final review to group - Obtain final confirmation from Barrett to withdraw negative vote -seeking to seeking publication by the end of July
- PASS Audit Conceptual Model – Diana
- We have meetings on Wednesdays - Sent out Meeting invite to SOA, CBCC, and Security list serve - Set up a wiki site and in process of loading supporting docs in wiki and Gforge - Ken Ruben (SOA) sent out email to cochairs on cloud Survey
- HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
Kathleen/Blockchain: - We've been following different Trust Framework - We have a Wiki page with the list of Trust Framework and efforts on Blockchain - ONC sent out a challenge/White Paper for Blockchain with implications on Health - New Kantara looking at usecases related to Health and Trust - New effort on patience owning data control - Smart contracts to enable health care consumers negotiating consent with providers and none covered entities - Canada has a group that developed tools for Canadians to obtain info from different entities based - Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access - David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement - Mike Davis Comments: It is a Providence approach, and would like to see how FHIR would be factored in the approach. - It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. - All Participants are responsible in the sharing of Data integrity - No one can change the record without all the approval of all stakeholders - John's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain.
