This wiki has undergone a migration to Confluence found Here
Difference between revisions of "October 14, 2016 Security Conference Call"
Jump to navigation
Jump to search
m (→Minutes) |
|||
| Line 63: | Line 63: | ||
==Minutes== | ==Minutes== | ||
| − | * | + | * Chairedby Kathleen |
| − | |||
* Discussion | * Discussion | ||
| − | + | ||
| + | |||
| + | *Roll Call, Agenda Approval | ||
| + | Purpose: Review and seek approval to submit 3 initial harmonization proposals by midnight ET today. | ||
| + | |||
| + | *Harmonization Schedule: | ||
| + | Initial Proposals - Submissions due 10/14/2016, midnight Eastern | ||
| + | ** Comment- Glen: The Standardization appears to not be regulated. | ||
| + | *** Is it possible to obtain a limited consent for research only? | ||
| + | *** How is it presented? We should present the patient with choices, and how is it presented under what conditions? | ||
| + | *** How do you stay in touch with patients to re-purpose of Data. | ||
| + | *** How do we deal with expansive vocabulary? | ||
| + | ** Kathleen Comment (Global Alliance work): | ||
| + | *** They contributed to the original set of codes into HL7 | ||
| + | *** Question (John) : What is the relationship between Common Accord and HL7? | ||
| + | *** Answer (Kathleen): Common Accord and HL7 is doing something similar to create smart contracts. | ||
| + | ** Working with Patient Choice (Kathleen) | ||
| + | *** Patient choice is seeking technical solution | ||
| + | *** There was a FHIR questionnaire on recent consent scenarios | ||
| + | *** Vocabulary Group accepted the proposal; however, Mike Davis would like to see more granularity | ||
| + | *** Patient Choice (ONC Project) is looking on how to find standards for research consent. (Kathleen) | ||
| + | *** Patient Choice is looking to see if FHIR consent can be used to collect consent | ||
| + | *** On November 4, 2016 we have to have a final decision (Kathleen) | ||
| + | |||
| + | *Final Proposals - Submissions due 11/04/2016, midnight Eastern | ||
| + | *Proposal 1- Incompetency override code specialization of ActConsentInformationAccessOverrideReason in ActReason code system | ||
| + | ** We have a set of override codes, concept from V2 | ||
| + | ** One code is cased on Patient declining | ||
| + | ** Another is based on Patient incompetence (Incompetency Override) | ||
| + | ** Comment: The term incompetent appears insensitive and not an active assessment of the patient (John) | ||
| + | * Proposal 2 - Five new Security Compartment Label Codes | ||
| + | ** We can use compartments or workflow to better define purpose of use (ISO-2382-8) | ||
| + | ** It is a division of Data into isolated blocks with separate security controls | ||
| + | ** It is create a special compartment to financial management such as an offsite billing service (Patient Administration) | ||
| + | ** Comment (John): It reads as a structural role rather than a workflow or compartment | ||
| + | ** Mike Davis advised in the past that the compartments to be more granular | ||
| + | ** Is this Role based Access? | ||
| + | **Comment Mike Davis: The security is for access control is too complex. | ||
| + | *** Criteria recommendations: Is there a security or privacy use that supports authorization decision? | ||
| + | *** Is the code needed to support introprability? | ||
| + | *** Is the code needed beyond legal and privacy, and who would own this (expert party)? | ||
| + | *** Is the code needed beyond Security and Privacy? | ||
| + | * Next Step: | ||
| + | ** (John) would like to develop a methodology for compartment in healthcare. | ||
| + | ** (Glen & Mike Agree)- Compartments are to be more grounded in access control. | ||
| + | |||
| + | * Proposal 3 - Additional Research Purpose of Use Codes | ||
| + | ** Call Adjourned | ||
Latest revision as of 18:59, 18 October 2016
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| x | John MoehrkeSecurity Co-chair | x | Kathleen ConnorSecurity Co-chair | . | Alexander Mense Security Co-chair | . | Trish WilliamsSecurity Co-chair | |||
| x | Mike Davis | x | Suzanne Gonzales-Webb | . | David Staggs | x | Mohammed Jafari | |||
| x | Glen Marshall, SRS | . | Beth Pumo | . | Ioana Singureanu | . | Rob Horn | |||
| x | Diana Proud-Madruga | . | Serafina Versaggi | . | Joe Lamy | . | Galen Mulrooney | |||
| . | Duane DeCouteau | . | Chris Clark | . | Johnathan Coleman | . | Aaron Seib | |||
| . | Ken Salyards | . | Christopher D Brown TX | . | Gary Dickinson | . | Dave Silver | |||
| x | Rick Grow | . | William Kinsley | . | Paul Knapp | . | Mayada Abdulmannan | |||
| . | Kamalini Vaidya | . | Bill Kleinebecker | x | Christopher Shawn | . | Grahame Grieve | |||
| . | Oliver Lawless | . | Ken Rubin | . | Paul Petronelli , Mobile Health | . | Russell McDonell |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- Purpose: Review and seek approval to submit 3 initial harmonization proposals by midnight ET today.
- Harmonization Schedule:
- Initial Proposals - Submissions due 10/14/2016, midnight Eastern
- Final Proposals - Submissions due 11/04/2016, midnight Eastern
- Proposal 1- Incompetency override code specialization of ActConsentInformationAccessOverrideReason in ActReason code system
- Proposal 2 - Five new Security Compartment Label Codes
- Proposal 3 - Additional Research Purpose of Use Codes
Minutes
- Chairedby Kathleen
- Discussion
- Roll Call, Agenda Approval
Purpose: Review and seek approval to submit 3 initial harmonization proposals by midnight ET today.
- Harmonization Schedule:
Initial Proposals - Submissions due 10/14/2016, midnight Eastern
- Comment- Glen: The Standardization appears to not be regulated.
- Is it possible to obtain a limited consent for research only?
- How is it presented? We should present the patient with choices, and how is it presented under what conditions?
- How do you stay in touch with patients to re-purpose of Data.
- How do we deal with expansive vocabulary?
- Kathleen Comment (Global Alliance work):
- They contributed to the original set of codes into HL7
- Question (John) : What is the relationship between Common Accord and HL7?
- Answer (Kathleen): Common Accord and HL7 is doing something similar to create smart contracts.
- Working with Patient Choice (Kathleen)
- Patient choice is seeking technical solution
- There was a FHIR questionnaire on recent consent scenarios
- Vocabulary Group accepted the proposal; however, Mike Davis would like to see more granularity
- Patient Choice (ONC Project) is looking on how to find standards for research consent. (Kathleen)
- Patient Choice is looking to see if FHIR consent can be used to collect consent
- On November 4, 2016 we have to have a final decision (Kathleen)
- Comment- Glen: The Standardization appears to not be regulated.
- Final Proposals - Submissions due 11/04/2016, midnight Eastern
- Proposal 1- Incompetency override code specialization of ActConsentInformationAccessOverrideReason in ActReason code system
- We have a set of override codes, concept from V2
- One code is cased on Patient declining
- Another is based on Patient incompetence (Incompetency Override)
- Comment: The term incompetent appears insensitive and not an active assessment of the patient (John)
- Proposal 2 - Five new Security Compartment Label Codes
- We can use compartments or workflow to better define purpose of use (ISO-2382-8)
- It is a division of Data into isolated blocks with separate security controls
- It is create a special compartment to financial management such as an offsite billing service (Patient Administration)
- Comment (John): It reads as a structural role rather than a workflow or compartment
- Mike Davis advised in the past that the compartments to be more granular
- Is this Role based Access?
- Comment Mike Davis: The security is for access control is too complex.
- Criteria recommendations: Is there a security or privacy use that supports authorization decision?
- Is the code needed to support introprability?
- Is the code needed beyond legal and privacy, and who would own this (expert party)?
- Is the code needed beyond Security and Privacy?
- Next Step:
- (John) would like to develop a methodology for compartment in healthcare.
- (Glen & Mike Agree)- Compartments are to be more grounded in access control.
- Proposal 3 - Additional Research Purpose of Use Codes
- Call Adjourned
