December 01, 2015 Security Conference Call

Attendees

Back to Security Main Page

Agenda DRAFT

1. ( 5 min) Roll Call, Agenda Approval
2. ( 5 min) Approve November 24 Meeting Minutes
3. ( 5 min) Healthcare Security and Privacy Access Control Catalog Update - Rick, Suzanne
4. ( 5 min) Joint Vocabulary Alignment Update - Diana
5. ( min) FHIR Security report out - John
6. ( 5 min) PASS Access Control Conceptual Model (SOA) ballot reconciliation Update - Diana, Don, Mike, Dave
7. (10 min) Upcoming January WGM 2016 - Orlando, Florida - AGENDA ITEMS
8. Update Preview of Audit Functional Model - Dave

• in future to update the PASS Audit

**New** 
FHIR Security Topics  in support of FHIM
Meeting Information:  Tuesdays 2:00PM PT/5:00PM ET
Phone: +1 770-657-9270, Participant Code: 994563 hosted by Security
Web meeting Info:   https://global.gotomeeting.com/join/520841173  
Discussion includes: Security - Audit, Provenance, Labels, Signature

**New** 
Wednesday Consent on FHIR Topics ' 3:00PM PT/6:00 PM ET hosted by CBCC
GoToMeeting information: https://global.gotomeeting.com/join/520841173 
Phone: +1 770-657-9270, Participant Code: 994563 

Meeting Minutes (DRAFT)

Approve meeting minutes for November 24

Objections: none, Abstentions: none, Approval:

Healthcare Access Control Catalog

Ballot voting begins on Friday

• Document completed for ballot

Joint vocabulary Update

• This AM looked at diagrams completed for vocabulary verbs
  • Reviewed changes made
  • revisiting verb: received
  • the items looked at this AM are 80-90% complete
  • other verbs are being diagrammed
• hoping by January 2016 meeting that 10 verbs will be completed (or mostly completed)

PASS Access Control Conceptual Model

• ballot reconciliation - all of the comments have been reviewed, resolutions provided
• VA will be contacted to withdraw the negative vote
• still need to contact Bernd
• need to contact DoD on adopting the VA comments, withdrawing/retracting their negative vote
• changes from the resolutsion will be added to the document

January WGM 2016, Orlando, Florida Agenda Item topids:

• FHIR Connect-ta-thon work (before the WGM)

• Monday - joint with CBCC
  • Update on the FHIR Connect-ta-thon
• Interest on the approach in privacy protection (Alex's student has written on this subject) - security risks on health
  • Alex will contact student to possibly have student join call
  • a look beyond what we normally look at beyond healthcare
  • privacy protective security protective mechanisms (Glen, Alex, Kathleen)
  • Kantara - tokens

Tuesday Tuesday Q3/Q4 - Access Control Catalog - ballot reconciliation; w/CBCC representative

Wednesday

• Q2 - Scheduling in PASS Access Control ballot reconciliation
• Wednesday Q3 - Vocabulary Alignment w/EHR, CBCC representative, Security
• Wednesday Q4 - ballot reconciliation; S&P Access Control Catalog

Also agenda time needed for:

1. proposed audit standard for SOA (supported by Security), maybe WedQ2
2. framework; FHIR provenance
   • approvals needed for proposals in changes
   • provide an outline, work on during summer in prep for May 2016 ballot
   • note that VA folk will be not going to May/Canada meeting

Audit Service diagram <<add link>>

Detailed walkthrough provided

Model was created such that it will render on a landscape page

based on the open group mode of audit server which reflect other standards (typing back to ISO standards)

1. Audit event - something has happened somewhere (OS, processes, hardwired to
   1. creating an AuditEvent, which pulls together configured raw data

ultimately an audit record is created (which we want to keep) Audit record...

Meeting Adjourned at 1400 AZT --Suzannegw (talk) 16:04, 1 December 2015 (EST)