This wiki has undergone a migration to Confluence found Here
August 04, 2015 Security WG Conference Call
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Mike DavisSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
| x | John MoehrkeSecurity Co-chair | Johnathan Coleman | . | Aaron Seib | ||||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Silver | |||
| x | Kathleen Connor | . | Ioana Singureanu | . | Mohammed Jafari | |||
| . | Suzanne Gonzales-Webb | . | Darrell Woelk | . | Galen Mulrooney | |||
| x | Diana Proud-Madruga | Grahame Grieve | . | William Kinsley | ||||
| x | Rick Grow | Chethan Makoahalli | Lloyd McKenzie | |||||
| x | Debbie Bucci | Bill Kleinebecker | [ |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve July 28 Meeting Minutes,
- ( 5 min) PASS Access Control Conceptual Model (SOA) Update - Diana, Don Jorgenson
- (10 min) ACS model - Mike/Dave Silver
- ( 5 min) Joint Vocabulary Alignment Update - Diana
- ( 5 min) PSAF Update - Kathleen (same as agenda item #7/done at same meeting)
- ( 5 min) Status of Provenance and AuditEvent subcommittee -- Kathleen/John
- ( 15 min) FHIR Security Discussion Block Vote for approval August 4
- ( 5 min) October 2015 HL7 WGM - Atlanta, Georgia USA - agenda items
- Please send any agenda items to Suzanne
FHIR AuditEvent Discussion -- removed from block vote
- 8123 AuditEvent constraints are too tight (Lloyd McKenzie) Persuasive
FHIR AuditEvent Block Vote
- 7565 2015May core #856
- 7432 2015May core #720 - AuditEvent requestor (Helen Broberg) Not Persuasive- Fix link (Kathleen Connor) Not Persuasive with Mod
- 6233 AuditEvent confusion on 'idenfier' elements that are actually strings. Affects understanding as well as search (which should not be token) (John Moehrke) Persuasive with Mod
- 6269 AuditEvent needs a Participant userId type code to explain how to understand the value in userId (e.g. Patient ID in CX form) (John Moehrke) Persuasive with Mod
- 7431 2015May core #719 - AuditEvent source identifier (Helen Broberg) Persuasive with Mod
- 7564 2015May core #855 - AuditEvent.event value set is a mess (Kathleen Connor) Persuasive with Mod
Meeting Minutes
Agenda approved (Mike Davis/Suzanne)
Meeting Minutes for July 28 were unanimously approved (Mike/Diana)
We have a final Access Control framework
- Requirements set up for services, capabilities in the framework
- Needs to be presented so that we can receive comments (post to Security list serve?)
- First draft to be sent out by Diana at the end of this week
EHRS + PHRS FMs + RM-ES on FHIR
1. Please join my meeting - FRIDAY 11AM ET (8AM PT) https://global.gotomeeting.com/meeting/join/ <https://global.gotomeeting.com/meeting/join/> 650909605 2. Use your microphone and speakers (VoIP) - a headset is recommended. Or, call in using your telephone. United States: +1 (215) 383-1013 Access Code: 650-909-605 Audio PIN: Shown after joining the meeting Meeting ID: 650-909-605
- 7565 2015May core #856
- tabled, discussion
- pulled from block vote
- 7432 2015May core #720 - AuditEvent requestor (Helen Broberg) Not Persuasive- Fix link (Kathleen Connor) Not Persuasive with Mod
- 6233 AuditEvent confusion on 'idenfier' elements that are actually strings. Affects understanding as well as search (which should not be token) (John Moehrke) Persuasive with Mod
- 6269 AuditEvent needs a Participant userId type code to explain how to understand the value in userId (e.g. Patient ID in CX form) (John Moehrke) Persuasive with Mod
- 7431 2015May core #719 - AuditEvent source identifier (Helen Broberg) Persuasive with Mod
- 7564 2015May core #855 - AuditEvent.event value set is a mess (Kathleen Connor) Persuasive with Mod
- tabled, discussion
- pulled from block vote
- documentation needs to be recorded (audit event); the front material for audit events should be clear that there is an expectation of use of profiling to give specific guidance (i.e., profiles will be required)
- we will ensure the documentation is sufficient to inform implementers that these are example value sets, that other value sets or sub-sets can be in the profile
- item will be returned to the block vote
8123 - ATNA does not do FHIR resources
- we need a pointer to a resource (currently exclusive one or the other)
- we will remove the exclusiveness
MOTION: Block vote for today does not include 7565; added 8123 (Mike/Kathleen) questions on 7564 - (Mike Davis)
- John will make the change to add ASTM E2147 to 7564 FHIR AuditEvent (friendly amendment Mike/Kathleen)
Objections/Abstentions: None; Approval: 10
Meeting adjourned at 1204 PST --Suzannegw (talk) 17:13, 4 August 2015 (EDT)
