October 20, 2015 Security Conference Call
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Mike DavisSecurity Co-chair | Duane DeCouteau | . | Chris Clark | ||||
| x | John MoehrkeSecurity Co-chair | x | Johnathan Coleman | . | Aaron Seib | |||
| x | Alexander Mense Security Co-chair | . | Ken Salyards | x | Christopher D Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | Dave Silver | ||||
| x | Kathleen Connor | . | Ioana Singureanu | Mohammed Jafari | ||||
| x | Suzanne Gonzales-Webb | Rob Horn | . | Galen Mulrooney | ||||
| x | Diana Proud-Madruga | Ken Rubin | x | William Kinsley | ||||
| x | Rick Grow | x | Paul Knapp | x | Glen Marshall, SRS | |||
| . | Debbie Bucci | x | Bill Kleinebecker | Chris Shawn | ||||
| Oliver Lawless | Rob Horn | Serafina Versaggi | ||||||
| Beth Pumo | Russell McDonell | x | [mailto: Paul Petronelli ], Mobile Health | |||||
| [mailto: Christopher Doss] | [mailto: ] | [mailto: ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve October 13 Meeting Minutes
- ( 5 min) Comments on ONC Draft Interoperability Standards Advisory - Kathleen
- PSS Healthcare Security and Privacy Access Control Catalog and NIB
- FHIR PSS for Security http://gforge.hl7.org/gf/project/security/docman/Security%20FHIR/
- Value Set improvements - Kathleen
- Re-approve FHIR Framework (paragraph being added
- FHIR Versioning and FHIR AuditEvent - Paul Knapp to present.
- FHIRframe Discussion
- ( 5 min) PASS Access Control Conceptual Model (SOA) Update - Diana, Don Jorgenson, Mike, Dave
- ( 5 min) Joint Vocabulary Alignment Update - Diana
- ( 35 min) FHIR Security report out - John
Meeting Minutes DRAFT
Ocotober 13 meeting minutes were unanimously approved
FHIR PSS for Security
additional clarification added (see paragraph below)
The Security WG will develop guidance regarding use of HL7 Security Standards (e.g. Role and Attribute-based access controls and vocabularies. In addition, the Security WG will work with appropriate external standards organizations to develop appropriate guidance on the use of general purpose security technologies, such as user authentication and authorization, that would aid with the secure and privacy protecting use of FHIR; and guide the FHIR community on the appropriate use of these solutions through the security pages of the FHIR specification, assigned to Security WG by the FMG
MOTION made to add the clarification (John/Glen)
Objections: none; Abstentions: none; Motion passes 11/0/0
PSS Healthcare Security and Privacy Access Control Catalog and NIB
- Discussed during the WGM and agreed to go forward with the project which wil include the RBAC work (which was coming up for re-ballot) and include the RBAC vocabulary and security delegated vocabulary (OAuth)
- It will also capture some data for Relationship Based Access Control (ReBAC) which is the same vocabulary
This Sunday - Lynn has taken the previous Project Identifier and has put it into the system and we need to approve the NIB so that we can proceed with the January 2016 ballot
- follow on activity to ensue
(Suzanne/Glen) MOTION made to proceed forward with January 2016 ballot NIB
Objections: none; Abstentions: none; Approved: 11/0/0
PASS Access Control Conceptual Model (SOA) Update
Joint Vocabulary Alignment Update
