This wiki has undergone a migration to Confluence found Here
HL7 FHIR Security 2016-10-04
Call Logistics
Weekly: Tuesday at 05:00 EST (2 PM PST)
Conference Audio: 770-657-9270,' Access: 845692 Join online meeting: https://global.gotomeeting.com/join/520841173 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
| Member Name | Member Name | Member Name | ||||||
|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-Chair | . | Kathleen Connor Security Co-Chair | x | Suzanne Gonzales-Webb CBCC Co-Chair | |||
| . | Gary Dickinson EHR Co-Chair | . | Johnathan ColemanCBCC Co-Chair | . | Mike Davis | |||
| . | Reed Gelzer RM-ES Lead | x | Glen Marshal | . | Galen Mulrooney | |||
| . | Dave Silver | . | Rob Horn | . | Judy Fincher | |||
| . | Diana Proud-Madruga | . | Beth Pumo | . | Oliver Lawless | |||
| . | Bob Dieterle | . | Mario Hyland | x | Joe Lamy | |||
| . | Rick Grow | . | [mailto: Richard Etterma] | . | [mailto: Wayne Kubic] |
Agenda
- Roll;
- approval of agenda
- approval of the August 30, 2016 minutes
- All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
- Update on action items
- 9564 -- assigned to John -- following the discussion in the CP
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? ()
- 9167 -- assigned to John, only creating an example AuditEvent -- following the discussion in the CP
- 9167 AuditEvent needs to make more obvious how to record a break-glass event ()
- 9042, 9043, 9052 -- assigned to Kathleen, she has the XML almost ready to go
- 9996 -- assigned to Glen -- following the discussion in the CP
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources ()
- https://chat.fhir.org/#narrow/stream/implementers/topic/Provenance.20resource.20for.20Middleware
- Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join)
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None
FHIR Security Open Issues
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set ()
- Action: Gary
- 9042 Add RBAC as value set for AuditEvent.participant.role ()
- Action: Kathleen
- 9043 Add ABAC as alternative value set for AuditEvent.participant.role ()
- Action: Kathleen
- 9052 Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role ()
- Action: Kathleen
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? ()
- Action: John
- 9750 Add Standard Extension to Domain Resource for Sourcing Acquired Data ()
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources ()
- 10184 Linkage vs provenance ()
- Unclear
- 10343 Three additional Signature.type codes ()
- 10408 AuditEvent - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter ()
- 10409 Provenance - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter ()
- 10465 Change AuditEvent.purposeOfUse and AuditEvent.agent.purposeOfUse from Coding to CodeableConcept ()
- 10579 New Security and Privacy "Module" page needs content ()
From September ballot
- 9167 AuditEvent needs to make more obvious how to record a break-glass event ()
- Action: John
- 10382 Provenance activity codes are insufficient/inappropriate ()
- 10580 How should test data be identified? ()
- 10581 something should be said about de-identification ()
- 11071 Improve security label guidance - 2016-09 core #90 ()
- 11082 Make proposed wording change - 2016-09 core #163 ()
- 11083 OAuth is an authorization protocol, not an authentication protocol. Specify Oauth 2.0 to reduce ambiguity - 2016-09 core #164 ()
- 11084 Typo - 2016-09 core #165 ()
- 11141 Specify agent organizational role - 2016-09 core #295 ()
