This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "September 18, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 65: Line 65:
 
#*[http://wiki.hl7.org/index.php?title=September_2018_Security_Working_Group_Meeting_Agenda-_Baltimore_(DRAFT) DRAFT Agenda Link]
 
#*[http://wiki.hl7.org/index.php?title=September_2018_Security_Working_Group_Meeting_Agenda-_Baltimore_(DRAFT) DRAFT Agenda Link]
  
==Meeting Minutes DRAFT==
 
Chair, Kathleen Connor
 
Roll Taken, Agenda reviewed
 
  
 
==Meeting Materials==
 
==Meeting Materials==
Line 82: Line 79:
 
**Support adoption of FHIR Security Labeling, FHIR Consent and FHIR Contract Consent Directive for Part 2 Consent Directives
 
**Support adoption of FHIR Security Labeling, FHIR Consent and FHIR Contract Consent Directive for Part 2 Consent Directives
  
===Meeting Minutes===
+
==Meeting Minutes DRAFT==
 +
Chair, Kathleen Connor
 +
Roll Taken, Agenda reviewed

Revision as of 18:58, 18 September 2018

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John Moehrke Security Co-chair x Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis x David Staggs
. Diana Proud-Madruga . Johnathan Coleman . Francisco Jauregui . Joe Lamy
. Rhonna Clark . Greg Linden . Grahame Grieve x Dave Silver
. Beth Pumo . Jim Kretz . Peter Bachman . [mailto: ]
x [mailto: ] . Bo Dagnall . [mailto: ] . [mailto: ]

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of Minutes
  3. (5 min) GDPR whitepaper on FHIR Update - meeting cancelled
  4. (5 min) TF4FA Normative Ballot reconciliation (formerly PSAF) - Mike, Chris
  5. (10 min) PASS Audit Update on Document - Mike
  6. (05 min) TF4FA Trust Framework, Volume 3 - Update Mike, Chris
  7. (10 min) Review of the 21st Century Cures EHR Reporting Program Security & Privacy feedback requested by HL7 PAC - Kathleen
  8. (05 min) Check out Security WG Confluence site - Kathleen
  9. (05 min) Security Working Group - upcoming HL7 Working Group Meeting, Baltimore Maryland


Meeting Materials

  • HL7 PAC Request RE: 21st Century Cures EHR Reporting Program
  • ONC released a Request for Information (RFI) on August 24 related to the 21st Century Cures EHR Reporting Program requirements. HL7 will be commenting and our Policy Advisory Committee (PAC) is currently gathering feedback.
  • Comments are due to ONC by October 17, 2018. We ask that you send any comments you would like considered for inclusion in the HL7 response by Thursday, September 20. Please send comments to PAC Chair Mark Segal at msegal@dig-hpa.com and Ticia Gerber at tgerber@hl7.org.
  • As background, ONC states that: This request for information (RFI) seeks input from the public regarding the Electronic Health Record (EHR) Reporting Program established as Section 4002 of the 21st Century Cures Act (Cures Act) codified Section 3009A in Title XXX of the Public Health Service Act (PHSA). This RFI is a first step toward implementing the statute. Its responses will be used to inform subsequent discussions among stakeholders and future work toward the development of reporting criteria under the EHR Reporting Program. ONC is looking for cross-cutting and category specific feedback on 21st Century Cures EHR Reporting Program criteria in the areas of: Security.
  • Describe other useful security and privacy features or functions that a certified health IT product may offer beyond those required by HIPAA and the ONC Health IT Certification Program, such as functions related to requirements under 42 CFR part 2.
  • What information about a certified health IT product's security and privacy capabilities and performance have acquisition decision makers used to inform decisions about acquisitions, upgrades, or use to best support end users' needs? How has that information helped inform decision-making? What other information would be useful in comparing certified health IT products on security and privacy (e.g., compatibility with newer security technologies such as biometrics)?
  • Proposed Input Topics:
    • Support adoption of SAMHSA Consent2Share
    • Support adoption of HL7 Data Segmentation for Privacy CDA IG
    • Support adoption of HL7 Security Labeling Service IG and Healthcare Privacy and Security Classification System
    • Support adoption of FHIR Security Labeling, FHIR Consent and FHIR Contract Consent Directive for Part 2 Consent Directives

Meeting Minutes DRAFT

Chair, Kathleen Connor Roll Taken, Agenda reviewed