This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "November 20, 2018 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 57: Line 57:
  
 
'''Meeting Minute Approval''' - November 13, 2018
 
'''Meeting Minute Approval''' - November 13, 2018
Motion to approve (Kathleen/Szanne)
+
Motion to approve (Kathleen/Suzanne)
Objecions: none; Abstentions: none; Approve
+
Objections: none; Abstentions: none; Approve
  
  
 
'''PASS Audit Update'''
 
'''PASS Audit Update'''
* Uploaded the PASS Audit reconciliation spreadspeet from January 2017 and requested withdrawals
+
* Uploaded the PASS Audit reconciliation spreadsheet from January 2017 and requested withdrawals
* bErnd requested updates tod ocument
+
* Bernd requested updates to see updates made to the document; which we have responded they are in the works
* past publications update - we are past publication  
+
* Per Lynne Laakso, we are past publication due date – which means we need to rebalot
** we supposedly requested
+
** Mention through SOA working group,  we were under the assumption that we were working on a publication extension—but that had not happened’
* we are planning reballot in May 2019 - gives us time to put in NIB, adjust anything if needed.  we have been looked at entire privacy and security
+
* we are planning reballot in May 2019 – this gives us time to put in NIB, adjust anything if needed.   
* rather than call it part of TF4FA, considered making it a volume 4 in addition to  
+
**we have been looked at context of entire privacy and security architecture framework so rather than call it part of TF4FA, considered making it a volume 4in addition to the current 3 volumes in trust framework which would  specifically devoted to provenance
** mashup of SOA - S&P
+
** Bernd concerns of mashup of OMG, MDA methodology of involving SOA which he prefers, that this confusion will be addressed in the first two volumes of TF4FA, by removing references to  of either methodology on how the services work.
** this confusion will be address in the first two volumes of TWF4FA, by removing reference os certain methodology on how the services work.
 
 
(Kathleen's understanding)
 
(Kathleen's understanding)
* clarification asked of Dave Silver/Diana Pruod-Madruga
+
* clarification asked of Dave Silver/Diana Proud-Madruga
 
** per Diana --that is her understanding.
 
** per Diana --that is her understanding.
*Question: (ChrisS) Proenance Volume 3 sites provenance; since we are talking about provenance as volume 4 was that an issue/any alightment that needs to be done before publication/final is sent out?
+
*Question: (ChrisS) Provenance Volume 3 sites audit; since we are talking about audit as Volume 4 was that a sequential issue/any alignment problem that needs to be done before publication/final is sent out?
** idea was to align them; if refernce were not specific enough to impact the volume/provenance
+
** idea was to align them; if references were not specific enough to impact the content of the volume/provenance; we’re very close to the final content for the upcoming ballot
* DaveS have you considered the final ballot considereation on breaking changes where audit might go?
+
* (ChrisS) DaveS have you considered the final ballot consideration on making  changes where audit might go?
* we have until next MOnday where we have to pin this down
+
**(Dave)siting something that hasn’t been published is of course an issue; the fundamentals have not changed.  Provenance is still aligned with volume 3/confirmed by Diana – although unsure if the sequence is going to be an issue or not
* Volume 4 ''AUDIT''
 
 
** maybe say that a volume 4 is under development (if there are audit referencing issues)
 
** maybe say that a volume 4 is under development (if there are audit referencing issues)
  
  
white paper
+
GDPR White Paper on FHIR
* change of time is more
+
* change of time is more reasonable at 12ET
* Peter Liesdonk had worked within his affiliates (Phillips) on codes/GDPR
+
* Peter Liesdonk (Netherlands) had worked within his affiliates (Phillips) on requirements for codes around GDPR;
** Kathleen is working wit htem for urrent codes - to prepare for harmonization
+
** Kathleen is working with them for current codes - to prepare for harmonizationgood evaluation completed
** good evaluation completed
+
** several GDPR codes completed during last harmonization; additional will bae added to March 2019 harmonization because there are several policies that need to be covered with GDPR in place
** several GDPR codes completed durig last harmonization; additional will bae added to march 2019 harmonization
 
 
* lots of progress made; bringing forward to final
 
* lots of progress made; bringing forward to final
  
  
FHIR Security CAll
+
‘’’FHIR Security Call’’’
* doing a QA sweep of Privacy and Seucit sectionon FHIR; everyone is invieted to review and send comments to JOhn
+
* doing a QA sweep of Privacy and Security section on FHIR; everyone is invited to review and send comments to John
* looking for typos and broken links
+
* looking for typos, broken links and the like
  
coments questions on the last two items?  none expressed
+
Comments questions on the last two items?  none expressed
  
No additional add on mentioned
+
No additional topics brought up for discussion
  
Motion made to adjorn (Kathleen)
+
Motion made to adjourn (Kathleen)
Meeting adjorned at 1317 Arizona Time --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:17, 20 November 2018 (EST)
+
Meeting adjourned at 1317 Arizona Time --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:17, 20 November 2018 (EST)

Revision as of 20:55, 20 November 2018

Back to Security Main Page

Attendees

Back to Security Main Page

x Member Name x Member Name x Member Name x Member Name
. John Moehrke Security Co-chair x Kathleen Connor Security Co-chair . Alexander Mense Security Co-chair . Trish Williams Security Co-chair
x Christopher Shawn Security Co-chair x Suzanne Gonzales-Webb . Mike Davis . David Staggs
x Diana Proud-Madruga . Johnathan Coleman x Francisco Jauregui x Joe Lamy
x Theresa Ardal Connor . Greg Linden . Grahame Grieve . Dave Silver
. . Beth Pumo . Jim Kretz . Peter Bachman . Peter VanLiesdonk]

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of Minutes November 13, 2018
  3. (10 min) [Update on PASS Audit] - Mike
  4. (10 min) Update on TF4FA Vol 3 Provenance Ballot Prep - Mike/Chris
  5. (10 min) GDPR whitepaper on FHIR Update, reminder of new call schedule - Alex
  6. (10 min) FHIR Security call update - John

Back to Security Main Page

Meeting Minutes

Meeting Chair - ChrisS Reviewed Agenda/role taken


Meeting Minute Approval - November 13, 2018 Motion to approve (Kathleen/Suzanne) Objections: none; Abstentions: none; Approve


PASS Audit Update

  • Uploaded the PASS Audit reconciliation spreadsheet from January 2017 and requested withdrawals
  • Bernd requested updates to see updates made to the document; which we have responded they are in the works
  • Per Lynne Laakso, we are past publication due date – which means we need to rebalot
    • Mention through SOA working group, we were under the assumption that we were working on a publication extension—but that had not happened’
  • we are planning reballot in May 2019 – this gives us time to put in NIB, adjust anything if needed.
    • we have been looked at context of entire privacy and security architecture framework so rather than call it part of TF4FA, considered making it a volume 4; in addition to the current 3 volumes in trust framework which would specifically devoted to provenance
    • Bernd concerns of mashup of OMG, MDA methodology of involving SOA which he prefers, that this confusion will be addressed in the first two volumes of TF4FA, by removing references to of either methodology on how the services work.

(Kathleen's understanding)

  • clarification asked of Dave Silver/Diana Proud-Madruga
    • per Diana --that is her understanding.
  • Question: (ChrisS) Provenance Volume 3 sites audit; since we are talking about audit as Volume 4 was that a sequential issue/any alignment problem that needs to be done before publication/final is sent out?
    • idea was to align them; if references were not specific enough to impact the content of the volume/provenance; we’re very close to the final content for the upcoming ballot
  • (ChrisS) DaveS have you considered the final ballot consideration on making changes where audit might go?
    • (Dave)siting something that hasn’t been published is of course an issue; the fundamentals have not changed. Provenance is still aligned with volume 3/confirmed by Diana – although unsure if the sequence is going to be an issue or not
    • maybe say that a volume 4 is under development (if there are audit referencing issues)


GDPR White Paper on FHIR

  • change of time is more reasonable at 12ET
  • Peter Liesdonk (Netherlands) had worked within his affiliates (Phillips) on requirements for codes around GDPR;
    • Kathleen is working with them for current codes - to prepare for harmonization, good evaluation completed
    • several GDPR codes completed during last harmonization; additional will bae added to March 2019 harmonization because there are several policies that need to be covered with GDPR in place
  • lots of progress made; bringing forward to final


‘’’FHIR Security Call’’’

  • doing a QA sweep of Privacy and Security section on FHIR; everyone is invited to review and send comments to John
  • looking for typos, broken links and the like

Comments questions on the last two items? none expressed

No additional topics brought up for discussion

Motion made to adjourn (Kathleen) Meeting adjourned at 1317 Arizona Time --Suzannegw (talk) 15:17, 20 November 2018 (EST)