This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 6, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 19: Line 19:
 
   
 
   
 
|-
 
|-
||   x|| [mailto:Diana.Proud-Madruga@electro-soft.com Diana Proud-Madruga]
+
|| x|| [mailto:Diana.Proud-Madruga@electro-soft.com Diana Proud-Madruga]
 
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
 
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
 
||||.|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui]
 
||||.|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui]
Line 58: Line 58:
 
Discussion/ updates to be made - add count to vote under DS4P
 
Discussion/ updates to be made - add count to vote under DS4P
 
(Suzanne / Joe L)
 
(Suzanne / Joe L)
object/abstain: none approval:  
+
Objection: none; Abstain: none Approval: 8
  
  
 
'''PASS AUDIT Revision'''
 
'''PASS AUDIT Revision'''
* unknown if ballot reconciliation sheet was ever uploaded to ballot site
+
* Unknown if ballot reconciliation sheet was ever uploaded to ballot site
** if it hasn't, it needs to (Mike/Diana/Kathleen - need to decide plan of action to review)
+
** If it hasn't, it needs to (Mike/Diana/Kathleen - need to decide plan of action to review)
** unsure if withdrawals have been requested
+
** Unsure if withdrawals have been requested
* approximately 50 of the comments had been addressed; to the best of knowledge nothing has been done since then
+
* Approximately 50 of the comments had been addressed; to the best of knowledge nothing has been done since then
 
** DaveS - thought Mike had said that reconciliation is done is to request to withdraw negative votes
 
** DaveS - thought Mike had said that reconciliation is done is to request to withdraw negative votes
 
**Kathleen's understanding was we were waiting on updates to the document
 
**Kathleen's understanding was we were waiting on updates to the document
  
 
Harmonization proposals - tonight is final proposals nneed to be in
 
Harmonization proposals - tonight is final proposals nneed to be in
* we have reviewed them all earlier
+
* We have reviewed them all earlier
** additional CUIs need to be added per Kathleen (specific to the portion marking in the ''print name'' code
+
** Additional CUIs need to be added per Kathleen (specific to the portion marking in the ''print name'' code
*** only a slight variation/change is needed to correct
+
*** Only a slight variation/change is needed to correct
** reviewed a spreadsheet instead of word document
+
** Reviewed a spreadsheet instead of word document
**banners do not have parenthesis around them, but when you go to the portion marking, there are and  a differnt CUI marking is needed) as shown under 'Marking Multiple Pages'
+
** It was noted that banners do not have parenthesis around them, but when you go to the portion marking, there are and  a differnt CUI marking is needed) as shown under 'Marking Multiple Pages'
  
* additional issue -
+
* Additional issue -
 
** under RoseTree, xml used in version 3 if you look at code system; under _ActCodeSystem
 
** under RoseTree, xml used in version 3 if you look at code system; under _ActCodeSystem
 
***SecurityPolicy(security Polcy)
 
***SecurityPolicy(security Polcy)
Line 84: Line 84:
 
Proposal has been reviewed by co-sponsor Patient Administration - they have reviewed the presented and final.
 
Proposal has been reviewed by co-sponsor Patient Administration - they have reviewed the presented and final.
  
Motion to approval as presented (Suzanne/Theresa) with addition of CUI changes
+
* VOTE: Motion to approve Harmonization Proposal as presented (Suzanne/Theresa) ''with addition of CUI changes''
Opposed: none: abstention: none;  
+
** Opposed: none: abstention: none; Approve: 8
Kathleen will submit today (tonight) with additional CUI changes
+
** Kathleen will submit today (tonight) with additional CUI changes
  
GPR
+
'''GDPR White Paper'''
Peter started discussion with POU which fits very nicely with current POU defiitnon
+
* Low attendance, would like more people from EU
*there is a difference in POU and purpose of processing
+
* Peter started discussion with POU which fits very nicely with current POU vocabulary definition
** Peter is currently working (in company for porosal for possible codes to better define purpose of processing
+
* Agreement during meeting that there is a difference in POU and purpose of processing
 +
** Peter is currently working (in company for proposal) for possible codes to better define purpose of processing
 
* Peter is trying to mesh of POU in Europe - some of the items do not make sense when applied to purpose of processing; based on purpose i.e. law, xx or xx (is this policy?)
 
* Peter is trying to mesh of POU in Europe - some of the items do not make sense when applied to purpose of processing; based on purpose i.e. law, xx or xx (is this policy?)
 
* (Kathleen) There is abranch that is not healthcare specific which may be helpful to look at
 
* (Kathleen) There is abranch that is not healthcare specific which may be helpful to look at
Line 103: Line 104:
  
 
Connectathon
 
Connectathon
* NOte:  MiHIN is willing to join in the Montréal Connectathon  
+
* Note:  MiHIN is willing to join in the Montréal Connectathon  
 
* finished storyboard in June, people involved in SLS, consent will also be involved in January and in May.  
 
* finished storyboard in June, people involved in SLS, consent will also be involved in January and in May.  
  

Revision as of 18:34, 13 November 2018

Back to Security Main Page

Attendees

Back to Security Main Page

x Member Name x Member Name x Member Name x Member Name
x John Moehrke Security Co-chair x Kathleen Connor Security Co-chair x Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb x Mike Davis . David Staggs
x Diana Proud-Madruga . Johnathan Coleman . Francisco Jauregui . Joe Lamy
. Theresa Ardal Connor . Greg Linden . Grahame Grieve . Dave Silver
. Beth Pumo x Jim Kretz . Peter Bachman . Bo Dagnall

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (2 min) Review and Approval of Minutes October 30, 2018
  3. (2 min) Update on revision of PASS Audit - reconcilation is ready for upload - Mike
  4. (30 min) Review of Final Security Harmonization proposals
  1. (5 min) GDPR whitepaper on FHIR Update - Alex
  • No FHIR Security call update - John sends his regrets

Meeting Minutes

Meeting Chair - Kathleen

Meeting Minute approval for 10/30 Discussion/ updates to be made - add count to vote under DS4P (Suzanne / Joe L) Objection: none; Abstain: none Approval: 8


PASS AUDIT Revision

  • Unknown if ballot reconciliation sheet was ever uploaded to ballot site
    • If it hasn't, it needs to (Mike/Diana/Kathleen - need to decide plan of action to review)
    • Unsure if withdrawals have been requested
  • Approximately 50 of the comments had been addressed; to the best of knowledge nothing has been done since then
    • DaveS - thought Mike had said that reconciliation is done is to request to withdraw negative votes
    • Kathleen's understanding was we were waiting on updates to the document

Harmonization proposals - tonight is final proposals nneed to be in

  • We have reviewed them all earlier
    • Additional CUIs need to be added per Kathleen (specific to the portion marking in the print name code
      • Only a slight variation/change is needed to correct
    • Reviewed a spreadsheet instead of word document
    • It was noted that banners do not have parenthesis around them, but when you go to the portion marking, there are and a differnt CUI marking is needed) as shown under 'Marking Multiple Pages'
  • Additional issue -
    • under RoseTree, xml used in version 3 if you look at code system; under _ActCodeSystem
      • SecurityPolicy(security Polcy)
      • adding privacy marker; one for CUI, second for security labeling mark - alked about last week. These are marks that you display which may be in the descritipn (i.e. confidential, high water mark; 42CFR42, etc)

<<add link to harmonization proposal>> Proposal has been reviewed by co-sponsor Patient Administration - they have reviewed the presented and final.

  • VOTE: Motion to approve Harmonization Proposal as presented (Suzanne/Theresa) with addition of CUI changes
    • Opposed: none: abstention: none; Approve: 8
    • Kathleen will submit today (tonight) with additional CUI changes

GDPR White Paper

  • Low attendance, would like more people from EU
  • Peter started discussion with POU which fits very nicely with current POU vocabulary definition
  • Agreement during meeting that there is a difference in POU and purpose of processing
    • Peter is currently working (in company for proposal) for possible codes to better define purpose of processing
  • Peter is trying to mesh of POU in Europe - some of the items do not make sense when applied to purpose of processing; based on purpose i.e. law, xx or xx (is this policy?)
  • (Kathleen) There is abranch that is not healthcare specific which may be helpful to look at
  • Peter ) something they need

next GDPR call in two weeks - we will dsicss proposal; come up with harmonized list and send out to Security and European group to spread out to their organizations and get feeback

  • one of the use cases will be from national summary? (from Giorgio)
    • one will be from John...(add description) care plan, care plan track
  • next call on NOvember 19 - at noon Eastern on Monday

Connectathon

  • Note: MiHIN is willing to join in the Montréal Connectathon
  • finished storyboard in June, people involved in SLS, consent will also be involved in January and in May.

Meeting adjorned at 1:44 Arizona Time --Suzannegw (talk) 15:46, 6 November 2018 (EST) https://fccdl.in/q8Ci7x2ZYP

Back to Security Main Page