This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

March 8, 2016 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Back to Security Work Group Main Page

Attendees

x Member Name x Member Name x Member Name
x Kathleen ConnorSecurity Co-chair . Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
. Alexander Mense Security Co-chair . Ken Salyards . Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson . Dave Silver
x Mike Davis . Ioana Singureanu . Mohammed Jafari
x Suzanne Gonzales-Webb x Rob Horn . Galen Mulrooney
x Diana Proud-Madruga . Ken Rubin . William Kinsley
x Rick Grow . Paul Knapp x Mayada Abdulmannan
x Glen Marshall, SRS . Bill Kleinebecker x Christopher Shawn
. Oliver Lawless . ... . Serafina Versaggi
X Beth Pumo . Russell McDonell . Paul Petronelli , Mobile Health
. Christopher Doss X Kamalini Vaidya . [mailto: Stephanie Dyke ]

Back to Security Main Page

Agenda DRAFT

  1. ( 5 min) Roll Call, Agenda Approval
  2. ( 5 min) Approve March 1, 2016 Security WG Conference Call Minutes
  3. ( 5 min) Call for comments on ISO 21298 HI - Functional and structural roles - Rick G.
  4. ( 5 min) PASS Access Control Services Conceptual Model - Diana
  5. ( 5 min) Joint Vocabulary Alignment Update - Diana
  6. ( 5 min) PASS Audit Conceptual Model – Diana
  7. ( 5 min) FHIR Security report out - John

Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda

Minutes

  1. TBD chaired. Agenda and Minutes [approved]
  2. RE: Call for comments on ISO 21298 HI - Functional and structural roles:

Rick Grow led discussion about ISO 21298.

  • Description of this draft standard: Defines a model for expressing functional and structural roles and populates it with a basic set of roles for international use in health applications. Roles are generally assigned to entities that are actors. This will focus on roles of persons (e.g. the roles of health professionals) and their roles in the context of the provision of care (e.g. subject of care).
  • Possible comment areas: This draft standard references ISO 22600 in several areas, including the area of access control policy. To sufficiently cover policy, it should also reference the recently balloted HL7 PASS Access Control Services Conceptual Model. Additionally, this draft standard references the RBAC Healthcare Permission Catalog. The Catalog was recently updated and balloted in HL7 and is now known as the HL7 Healthcare (Security and Privacy) Access Control Catalog. ISO 21298 should reference the updated Catalog and make the appropriate adjustments in its discussion of RBAC and other access control methods.
  1. RE:PASS Access Control Services Conceptual Model:
  2. RE: Joint Vocabulary Alignment Update:
  3. RE: PASS Audit Conceptual Model:
  4. RE: FHIR Security report out: