July 12, 2016 Security Conference Call
Back to Security Work Group Main Page
Attendees
x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|
Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | ||||
X | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
. | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
. | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | . | Dave Silver | |||
x | Mike Davis | . | Ioana Singureanu | X | Mohammed Jafari | |||
x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
. | Rick Grow | . | Paul Knapp | . | Mayada Abdulmannan | |||
x | Glen Marshall, SRS | . | Bill Kleinebecker | . | Christopher Shawn | |||
. | Oliver Lawless | x | Grahame Grieve | . | Serafina Versaggi | |||
. | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
. | Christopher Doss | . | Kamalini Vaidya | . | [mailto: TBD ] |
Agenda DRAFT
- (2 min) Roll Call, Agenda Approval
- (3 min) Approve Security WG June 28, 2016 Minutes
- (10 min) Update on the PSAF Security Policy model - Mike
- (5 min) Standards Privacy Impact Assessment Cookbook - Rick
- (5 min) PASS Access Control Services Conceptual Model - Diana
- (5 min) PASS Audit Conceptual Model – Diana
- (10 min) HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
- (2 min) Action Items, next call agenda, adjournment
Note that there will be a FHIR Security call at 5pm ET See agenda at FHIR Security Agenda
Minutes
- Chaired by John
- Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzanne)
- Update on the PSAF Security Policy model - Mike, Dave
- Presentation was shared during the call: - Dave Sliver, Chris Shawn, and Mike Davis continued work on PSAF - Main Level includes Privacy Security material beginning with High level Trust Framework Policy - This Expand trust framework introducing trust policies, level assurance, trust certificates, and remainder modeling -Input Policies are dependent on Harmonization policy -Trust Framework would establish the elements of Trust supported by the contract - Could have two or more Domain names, each domain would have its own set of policies - Through Trust Framework there is a harmonization between each Domain -
- Standards Privacy Impact Assessment Cookbook - Rick
- The PSS was approved the TFC - Updating document Ballot based on comments from SW and CBCC - Document will be send out to both groups to review and comment and send back by Thursday COB - New comments will be incorporated to send out by Sunday Deadline to HL7
- PASS Access Control Services Conceptual Model - Diana
- Completed all updates - reviewing doc - Expect to complete at the end of the week, will send out for final review to group - Obtain final confirmation from Barrett to withdraw negative vote -seeking to seeking publication by the end of July
- PASS Audit Conceptual Model – Diana
- We have meetings on Wednesdays - Sent out Meeting invite to SOA, CBCC, and Security list serve - Set up a wiki site and in process of loading supporting docs in wiki and Gforge - Ken Ruben (SOA) sent out email to cochairs on cloud Survey
- HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
- Kathleen/Blockchain:
- We've been following different Trust Framework - We have a Wiki page with the list of Trust Framework and efforts on Blockchain - ONC sent out a challenge/White Paper for Blockchain with implications on Health - New Kantara looking at usecases related to Health and Trust - New effort on patience owning data control - Smart contracts to enable health care consumers negotiating consent with providers and none covered entities - Canada has a group that developed tools for Canadians to obtain info from different entities based - Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access - David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement
- Mike Davis Comments: It is a Providence approach, and would like to see how FHIR would be factored in the approach.
- It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. - All Participants are responsible in the sharing of Data integrity - No one can change the record without all the approval of all stakeholders
- John's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain.
- John has a White paper on the topic of Blockchain and included link in the chat, Kathleen will link it to the Trust link
Approvals:
- John: we received confirmation we are to approve cochairs for FTFP of Paul Map (John, and Kathleen approved)
- Kathleen: Mike and Dave have been updating the policy driven architecture on Domain Analysis. a paper by Sunday on PSAF
- I submitted the PSAF document to on Sunday for September Ballot, waiting on confirmation - (Kathleen and Mike Approved)