This wiki has undergone a migration to Confluence found Here
Difference between revisions of "November 6, 2018 Security Conference Call"
Jump to navigation
Jump to search
Line 43: | Line 43: | ||
#''(2 min)'' '''Roll Call, Agenda Approval''' | #''(2 min)'' '''Roll Call, Agenda Approval''' | ||
#''(2 min)'' '''[http://wiki.hl7.org/index.php?title=October_30,_2018_Security_Conference_Call Review and Approval of Minutes October 30, 2018] | #''(2 min)'' '''[http://wiki.hl7.org/index.php?title=October_30,_2018_Security_Conference_Call Review and Approval of Minutes October 30, 2018] | ||
− | #''(2 min)'' '''[http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services Update on revision of PASS Audit - | + | #''(2 min)'' '''[http://wiki.hl7.org/index.php?title=PASS_Healthcare_Audit_Services Update on revision of PASS Audit - reconciliation is ready for upload]''' - Mike |
#''(30 min)'' '''Review of Final Security Harmonization proposals''' | #''(30 min)'' '''Review of Final Security Harmonization proposals''' | ||
*Submission deadline at 12AM ET 11/6. Harmonization meeting scheduled for 11/8 & 11/9 from 12PM to 6PM ET. | *Submission deadline at 12AM ET 11/6. Harmonization meeting scheduled for 11/8 & 11/9 from 12PM to 6PM ET. | ||
Line 69: | Line 69: | ||
**Kathleen's understanding was we were waiting on updates to the document | **Kathleen's understanding was we were waiting on updates to the document | ||
− | Harmonization proposals - tonight is final proposals | + | Harmonization proposals - tonight is final proposals need to be in |
* We have reviewed them all earlier | * We have reviewed them all earlier | ||
** Additional CUIs need to be added per Kathleen (specific to the portion marking in the ''print name'' code | ** Additional CUIs need to be added per Kathleen (specific to the portion marking in the ''print name'' code | ||
*** Only a slight variation/change is needed to correct | *** Only a slight variation/change is needed to correct | ||
** Reviewed a spreadsheet instead of word document | ** Reviewed a spreadsheet instead of word document | ||
− | ** It was noted that banners do not have parenthesis around them, but when you go to the portion marking, there are and a | + | ** It was noted that banners do not have parenthesis around them, but when you go to the portion marking, there are, and a different CUI marking is needed) as shown under 'Marking Multiple Pages' |
* Additional issue - | * Additional issue - | ||
− | ** under | + | ** under Rose Tree, xml used in version 3 if you look at code system; under _ActCodeSystem |
− | ***SecurityPolicy( | + | ***SecurityPolicy(Security Policy) |
− | ***adding privacy marker; one for CUI, second for security labeling mark - | + | ***adding privacy marker; one for CUI, second for security labeling mark - talked about last week. These are marks that you display which may be in the description (i.e. confidential, high water mark; 42CFR42, etc.) |
<<add link to harmonization proposal>> | <<add link to harmonization proposal>> | ||
Line 94: | Line 94: | ||
** Peter is currently working (in company for proposal) for possible codes to better define purpose of processing | ** Peter is currently working (in company for proposal) for possible codes to better define purpose of processing | ||
* Peter is trying to mesh of POU in Europe - some of the items do not make sense when applied to purpose of processing; based on purpose i.e. law, xx or xx (is this policy?) | * Peter is trying to mesh of POU in Europe - some of the items do not make sense when applied to purpose of processing; based on purpose i.e. law, xx or xx (is this policy?) | ||
− | * (Kathleen) There is | + | * (Kathleen) There is a branch that is not healthcare specific which may be helpful to look at |
* Peter ) something they need | * Peter ) something they need | ||
− | next GDPR call in two weeks - we will | + | next GDPR call in two weeks - we will discuss proposal; come up with harmonized list and send out to Security and European group to spread out to their organizations and get feedback |
*one of the use cases will be from national summary? (from Giorgio) | *one of the use cases will be from national summary? (from Giorgio) | ||
** one will be from John...(add description) ''care plan, care plan track'' | ** one will be from John...(add description) ''care plan, care plan track'' | ||
− | * next call on | + | * next call on November 19 - at noon Eastern on Monday |
Connectathon | Connectathon | ||
Line 107: | Line 107: | ||
* finished storyboard in June, people involved in SLS, consent will also be involved in January and in May. | * finished storyboard in June, people involved in SLS, consent will also be involved in January and in May. | ||
− | Meeting | + | Meeting adjourned at 1:44 Arizona Time --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:46, 6 November 2018 (EST) |
https://fccdl.in/q8Ci7x2ZYP | https://fccdl.in/q8Ci7x2ZYP | ||
[[Security|Back to Security Main Page]] | [[Security|Back to Security Main Page]] |
Revision as of 18:37, 13 November 2018
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
x | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | x | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair | |||
x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | x | Mike Davis | . | David Staggs | |||
x | Diana Proud-Madruga | . | Johnathan Coleman | . | Francisco Jauregui | . | Joe Lamy | |||
. | Theresa Ardal Connor | . | Greg Linden | . | Grahame Grieve | . | Dave Silver | |||
. | Beth Pumo | x | Jim Kretz | . | Peter Bachman | . | Bo Dagnall |
Agenda
- (2 min) Roll Call, Agenda Approval
- (2 min) Review and Approval of Minutes October 30, 2018
- (2 min) Update on revision of PASS Audit - reconciliation is ready for upload - Mike
- (30 min) Review of Final Security Harmonization proposals
- Submission deadline at 12AM ET 11/6. Harmonization meeting scheduled for 11/8 & 11/9 from 12PM to 6PM ET.
- Policy Vocabulary spreadsheet
- Policy proposal
- Adding the v3 Policy codes to HL7 v2 Table 0717 for security labeling
- (5 min) GDPR whitepaper on FHIR Update - Alex
- No FHIR Security call update - John sends his regrets
Meeting Minutes
Meeting Chair - Kathleen
Meeting Minute approval for 10/30 Discussion/ updates to be made - add count to vote under DS4P (Suzanne / Joe L) Objection: none; Abstain: none Approval: 8
PASS AUDIT Revision
- Unknown if ballot reconciliation sheet was ever uploaded to ballot site
- If it hasn't, it needs to (Mike/Diana/Kathleen - need to decide plan of action to review)
- Unsure if withdrawals have been requested
- Approximately 50 of the comments had been addressed; to the best of knowledge nothing has been done since then
- DaveS - thought Mike had said that reconciliation is done is to request to withdraw negative votes
- Kathleen's understanding was we were waiting on updates to the document
Harmonization proposals - tonight is final proposals need to be in
- We have reviewed them all earlier
- Additional CUIs need to be added per Kathleen (specific to the portion marking in the print name code
- Only a slight variation/change is needed to correct
- Reviewed a spreadsheet instead of word document
- It was noted that banners do not have parenthesis around them, but when you go to the portion marking, there are, and a different CUI marking is needed) as shown under 'Marking Multiple Pages'
- Additional CUIs need to be added per Kathleen (specific to the portion marking in the print name code
- Additional issue -
- under Rose Tree, xml used in version 3 if you look at code system; under _ActCodeSystem
- SecurityPolicy(Security Policy)
- adding privacy marker; one for CUI, second for security labeling mark - talked about last week. These are marks that you display which may be in the description (i.e. confidential, high water mark; 42CFR42, etc.)
- under Rose Tree, xml used in version 3 if you look at code system; under _ActCodeSystem
<<add link to harmonization proposal>> Proposal has been reviewed by co-sponsor Patient Administration - they have reviewed the presented and final.
- VOTE: Motion to approve Harmonization Proposal as presented (Suzanne/Theresa) with addition of CUI changes
- Opposed: none: abstention: none; Approve: 8
- Kathleen will submit today (tonight) with additional CUI changes
GDPR White Paper
- Low attendance, would like more people from EU
- Peter started discussion with POU which fits very nicely with current POU vocabulary definition
- Agreement during meeting that there is a difference in POU and purpose of processing
- Peter is currently working (in company for proposal) for possible codes to better define purpose of processing
- Peter is trying to mesh of POU in Europe - some of the items do not make sense when applied to purpose of processing; based on purpose i.e. law, xx or xx (is this policy?)
- (Kathleen) There is a branch that is not healthcare specific which may be helpful to look at
- Peter ) something they need
next GDPR call in two weeks - we will discuss proposal; come up with harmonized list and send out to Security and European group to spread out to their organizations and get feedback
- one of the use cases will be from national summary? (from Giorgio)
- one will be from John...(add description) care plan, care plan track
- next call on November 19 - at noon Eastern on Monday
Connectathon
- Note: MiHIN is willing to join in the Montréal Connectathon
- finished storyboard in June, people involved in SLS, consent will also be involved in January and in May.
Meeting adjourned at 1:44 Arizona Time --Suzannegw (talk) 15:46, 6 November 2018 (EST) https://fccdl.in/q8Ci7x2ZYP