October 14th 2008 Security Conference Call

• Meeting Information

Attendees

• Bernd Blobel Security Co-chair <absent>
• Mike Davis Security Co-chair
• Patty Greim
• Suzanne Gonzales-Webb CBCC Co-chair
• Glen Marshall Security Co-chair
• Sarah Maulden
• Jim McCaslin
• Rob McClure
• John Moehrke
• Tonya Newton
• Scott Robertson
• Ioana Singureanu
• Richard Thoreson CBCC Co-chair <absent>

Agenda

1. (05 min) Welcome and Introductions
2. (05 min) Approve Minutes & Accept Agenda
3. (15 min) Security-CBCC Joint Project Introduction and Review

• Introduction to [RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc]

• Introduction to current draft work, [SNOMED CT Mapping to HL7 RBAC Permission Catalog (DRAFT)]

• Presentation overview of framework diagram found in the [Security and Authorization Framework Document]

1. (15 min) Deliverable(s) and Timeline

currently identified:

• Update to current Project Scope (G.Marshall, S.Gonzales-Webb)
• HL7 RBAC Permission Catalog Vocabulary Update [Current RBAC Permission Catalog, approved February 2008]
• Constraint Catalog(s) to include Security Access, Privacy and Consent, Patient, Clinical

1. (15 min) Decision Making Practices not covered, pushed to next meeting (see CBCC document as example CBCC Decison Making Practices)
2. (05 min) Other Business

To Do:

• Project Scope - Review and tighten scope statement, constrain scope to provide less confusion (Glen, Suzanne)
• Identify/introduce standardized vocabularies (value sets) as reference, identify expert or point of contact for each. Vocabularies identified at October 14 meeting include:

* SNOMED

* ICD-10 (or possibly ICD-11 which would be linked/mapped to SNOMED)

* Badlax (sp?) an ACR, RSNA recognized vocabulary

Back to Meetings