This wiki has undergone a migration to Confluence found Here
HL7 FHIR Security 2016-8-9
Contents
Call Logistics
Weekly: Tuesday at 05:00 EST (2 PM PST)
Conference Audio: 770-657-9270,' Access: 845692 Join online meeting: https://global.gotomeeting.com/join/520841173 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
| Member Name | Member Name | Member Name | ||||||
|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-Chair | . | Kathleen Connor Security Co-Chair | x | Suzanne Gonzales-Webb CBCC Co-Chair | |||
| . | Gary Dickinson EHR Co-Chair | . | Johnathan ColemanCBCC Co-Chair | . | Mike Davis | |||
| . | Reed Gelzer RM-ES Lead | x | Glen Marshal | . | Galen Mulrooney | |||
| . | Dave Silver | x | Rob Horn | . | Judy Fincher | |||
| . | Diana Proud-Madruga | . | Beth Pumo | . | Oliver Lawless | |||
| . | Bob Dieterle | . | Mario Hyland | . | Joe Lamy | |||
| . | Rick Grow | . | [mailto: Richard Etterma] | . | [mailto: Wayne Kubic] |
Agenda
- Roll;
- approval of agenda
- approval of the July 19, 2016 minutes
- All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
- New Security and Privacy "Module" page http://hl7-fhir.github.io/secpriv-module.html
- FHIR timeline to ballot http://wiki.hl7.org/index.php?title=FHIR_Ballot_Prep
- Update on action items
- 9564 -- assigned to John -- following the discussion in the CP
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? ()
- 9167 -- assigned to John, only creating an example AuditEvent -- following the discussion in the CP
- 9167 AuditEvent needs to make more obvious how to record a break-glass event ()
- 9042, 9043, 9052 -- assigned to Kathleen, she has the XML almost ready to go
- 9996 -- assigned to Glen -- following the discussion in the CP
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources ()
- FMM evaluation vs desire - We picked 4 last week -- We might want to re-evaluate to level 3. As level 4 means we would need to work hard to get "complete" testing tools and procedures at 100% of functionality. I think we should only target getting some testing ready.
- Discussion with Mario on getting prepared for next connectathon
- What use-case should we focus on? (Lab vs Financial vs Patient)
- Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join)
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None
- How should 'test-data' be identified? Is this a legitimate use of security-tags?
- It is clear that security-tags already support de-identified methods. The question is specifically about completely fabricated data.
- See FHIR chat thread https://chat.fhir.org/#narrow/stream/implementers/topic/Distinguishing.20test.20patients
- De-Identification topics
- SMART chat thread https://chat.fhir.org/#narrow/stream/smart
- FHIR Chat on "masked extension" https://chat.fhir.org/#narrow/stream/implementers/topic/Masked.20Extension.20for.20privacy.20restricted.20record
Minutes
- John Chair
- Approve Minutes July 18th -- Rob/Suzanne: 2-0-0
- John didn't work on action items
- Kathleen is not working this week
- Glen - discussion on the FHIR Chat. No discussion yet.
- Other new CP items have been added. Need assignment.
- Other topics in agenda for future discussion
