This wiki has undergone a migration to Confluence found Here
June 02, 2015 Security WG Conference Call
Attendees
x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|
x | Mike DavisSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
? | Alexander Mense Security Co-chair | x | Ken Salyards | x | Christopher Brown TX | |||
. | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | . | Tim McKay | |||
Kathleen Connor | . | Ioana Singureanu | . | Mohammed Jafari | ||||
x | Suzanne Gonzales-Webb | Darrell Woelk | . | Galen Mulrooney | ||||
x | Diana Proud-Madruga | . | Reed Gelzer | x | William Kinsley | |||
x | Rick Grow | Oliver Lawless | . | Paul Knapp |
Agenda DRAFT
- (05 min) Roll Call, May 26 Meeting Minutes
- (20 min) FHIR Trust Framework - PMAC Map - Mike Davis
- FHIR Contract Design Considerations - Kathleen
- (10 min) PASS Access Control Conceptual Model (SOA) - Diana, Don Jorgenson
- (10 min) Vocabulary Alignment Project - Diana/Reed
- (10 min) FHIR Contract, Consent Directive Discussion (tentative)
- (05 min) October 2015 HL7 WGM - Atlanta, Georgia USA - agenda items
- (as time allows) FHIR disposition - review/discussion, ongoing agenda item
- (as time allows) Other business, action items, and adjournment
Meeting Minutes
Approval of May 26, 2015 Meeting Minutes
- The minutes for the May 26 meeting were unanimously approved.
FHIR Trust Framework - PMAC Map - Mike/Kathleen <<add link to PPT>>
- Kathleen presented on the suite of FHIR Resources to support the PFL project, including the FHIR Questionnaire Resource, FHIR Questionnaire Answer Resource, FHIR Consent Directive Resource Profile, and FHIR Privacy/Security/Trust Policy Resource Profile.
- Her presentation also included the following:
- CBCC & Security WGs are already developing a FHIR CD Questionnaire/Questionnaire profile which:
- Captures a signed patient consent directive in a form template developed by an organization and based on organizational and jurisdictional privacy policies
- Is able to support very simple, high level or detailed, granular CDs ranging from:
- A simple acknowledgement of a HIPAA Notice of Privacy Policy
- An HIE opt-in/opt-out CD such as that supported by BPPC
- A multipurpose complex CD such as the VA’s eConsent form
- Able to conform with Patient Friendly Consumer Interfaces IG
- Used to populate the current FHIR CD Policy profile
Privacy and Security Architectural Framework (SOA) - Diana
- Diana is going to meet with Don Jorgenson this afternoon to discuss this project.
Vocabulary Alignment - Diana
- Delving deeper into diagrams that are available on the W3C Provenance data model website.
- Using the diagrams and vocabulary to help clarify relationships between provenance and security in EHR.
- On the EHR side of things, there is an ISO/TC 215 project for which they are updating the EHR Lifecycle definitions.
- Per Kathleen, there are noted gaps between HL7, S&I Data Provenance and W3C. Kathleen will share these gaps with Diana in preparation for submission of ballot.
- W3C is very rich, and has done a very good job of describing provenance.
- Link to the W3C Prov map to HL7 v2, v3, CDA and FHIR Provenance Resource PPT - http://gforge.hl7.org/gf/download/docmanfileversion/8703/13166/W3C%20Alignment%20with%20HL7%20v3%20CDA%20call2.pptx
Discussion on FHIR Consent Directive, Contract
- Last week's DISCUSSION deferred to next FHIR DSTU Ballot.
- NEXT STEPS: Need to state the intent (CBCC and Security) that FHIR Consent Policy/Trust Policy will not be balloted in October 2015, but planned for January 2016...this is a work in progress
2015 HL7 October Meeting, Atlanta, Georgia
Agenda items to be added
- Security Architecture Framework (project status)
- Demonstrations for implementations of Privacy on FHIR work - applications of HCS to a healthcare environment
- New HIMSS self-run demo
- HEART
Meeting adjourned at 1251 PDT