March 1, 2016 Security Conference Call
Back to Security Work Group Main Page
Attendees
x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|
x | Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
. | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
. | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | . | Dave Silver | |||
x | Mike Davis | . | Ioana Singureanu | . | Mohammed Jafari | |||
x | Suzanne Gonzales-Webb | x | Rob Horn | . | Galen Mulrooney | |||
x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
x | Rick Grow | . | Paul Knapp | x | Mayada Abdulmannan | |||
x | Glen Marshall, SRS | . | Bill Kleinebecker | x | Christopher Shawn | |||
. | Oliver Lawless | . | ... | . | Serafina Versaggi | |||
X | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
. | Christopher Doss | X | Kamalini Vaidya | . | [mailto: Stephanie Dyke ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve February 23, 2016 Security WG Conference Call Minutes
- ( 5 min) PASS Access Control Services Conceptual Model - Diana
- ( 5 min) Joint Vocabulary Alignment Update - Diana
- ( 5 min) PASS Audit Conceptual Model – Diana
- ( 5 min) FHIR Security report out - John
Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda
Minutes
- Consensus approval of Feb 23 minutes
- Joint Vocabulary Alignment Discussion update:
-Continued work to refine approach to models
- PASS Audit Conceptual Model Discussion: -
Provenance is related to where records are obtained Question Raised: "Does Audit create separate list for Provenance? " Discussion/Answer: -Audit creates a separate list for Provenance: The Life cycle of resource and life cycle of Order of obligation as different value sets. -Audit Provenance Model provides information related to integrity and trustworthiness -Value sets should be defined by structuring the document for the implementer, and should be mapped to existing standards. -Next Step: Kathleen Connor will provide documentation on Provenance and Audit in the Groove space
- FHIR Security Report Out: (Rob Mclure)
-Issue Raised: FHIR SVCS uses IP bound code system SNOWMED. Is there a technology that can be promoted to FHIR that would allow value set authority Center SNOWMED, where a ticket is identified as "I am a licence User of SNOWMED?" Can a receiver and requester both be licensed? -Discussion/Answer: -Profile on OATH allows claims assertions -Includes License and tickets -next step: OATH maybe a possible solution, review the requirements and draft a project scope statement.