This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

February 14, 2017 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Back to Security Work Group Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John MoehrkeSecurity Co-chair x Kathleen ConnorSecurity Co-chair x Alexander Mense Security Co-chair . Trish WilliamsSecurity Co-chair
x Mike Davis x Suzanne Gonzales-Webb x David Staggs . Mohammed Jafari
x Glen Marshall, SRS x Beth Pumo . Ioana Singureanu . Rob Horn
x Diana Proud-Madruga . Serafina Versaggi . Joe Lamy . Galen Mulrooney
. Duane DeCouteau . Chris Clark . Johnathan Coleman . Aaron Seib
. Ken Salyards . Christopher D Brown TX . Gary Dickinson x Dave Silver
x Rick Grow . William Kinsley . Paul Knapp . Mayada Abdulmannan
. Kamalini Vaidya . Bill Kleinebecker . Christopher Shawn . Grahame Grieve
. Oliver Lawless . Ken Rubin . David Tao . Nathan Botts

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (2 min) Security WG Call Minutes February 7, 2017 postponed to next week
  3. (20 min) TF4FA Ballot Reconciliation Spreadsheet Disposition Reviewand TF4FA Class Name for a Policy Target Object- Mike and Kathleen
  4. (10 min) WGM Minutes Review and Approval - Kathleen, postponed to next week
  5. (5 min) [gforge ballot spreadsheet - HL7 PASS Audit Ballot Reconciliation Update] - Diana
  6. (5 min) Security Labeling Service Revision Update - Diana
  7. (5 min) Proposal to add new Trust subworkgroup call to handle detailed TF4FA development, collaborate with NIST on alignment with NIST Internal Report 8112 A Proposed Schema for Enhancing Confidence in Federated Attributes and analyze standards impacts of 21st Century Cures Act on TF4FA and other privacy and security standards (in collaboration with CBCC) for the Trusted Exchange Framework Discussion for HL7 Policy Advisory Committee- Kathleen
  8. (2 min) FHIR AuditEvent and Provenance ballot comments & FHIR Security Call
  9. 10 min) Project Scope Statement - Medical Devices - Mike Davis

Minutes

  • Chaired by John
  • Agenda approved
  • Security WG Call Minutes February 7, 2017 postponed to next week


  • TF4FA Ballot Reconciliation Spreadsheet Disposition Review and TF4FA Class Name for a Policy Target Object- Mike and Kathleen
    • Does it align with Domain analysis model? Kathleen provided a link to the brief in detail in agenda
  • Information Target of policy is defined as:
    • Information Reference- This class and it association specify the attributes of protected information by a policy
      • The target of the policy is named in the policy example HIV
        • HIV under HIPPA is not considered sensitive
        • HIV under title 38 is considered sensitive
    • Mike Davis concurs with definition of information referenced by the policy
      • Th Policies are limited to the space
        • The intent of the information is a Healthcare information policy for HL7 (Mike Davis)
        • It is also a Social Services and Healthcare policy (Kathleen)
      • Next Step:
      • Will make following changes:
    • None persuasive with modification
    • We will use the Domain analysis Model
    • Comments were kept at high level as a information model
    • Comments were editorial
    • Kathleen comment recommended digital ledger technology
    • Mike Davis recommends in the spreadsheet to clarify the initiation dos not have to negotiate every instance of request
    • Next call we will review and move forward with voting
      • Updates of authors were made, and authors are requested to review updates to their comments

(10 min) WGM Minutes Review and Approval - Kathleen, postponed to next week

  • gforge ballot spreadsheet - HL7 PASS Audit Ballot Reconciliation Update] - Diana
    • John's none-persuasive comments:
    • FHIR specific implementation maybe out of scope
    • Diane will add FHIR specific implementation is out of scope as it is not integrated
    • John will send Diane link for XAML schema definition to Diana
    • Input from John would be needed in order to include FHIR specific implementation
    • comments:
      • Mike recommend to state that HL7 is working on FHIR specifaction
      • John does not feel we should point to draft standards
      • Both Mike and John agree the scope does not included Pass Audit to the scope of FHIR
      • Motion approved: (Block vote) Comments Comments 36 to 43 moved to resolution
    • Remaining Agenda was not discussed, moved to next meeting.
  • Security Labeling Service Revision Update - Diana
    • Moved to next call after HIMMS

(5 min) Proposal to add new Trust subworkgroup call to handle detailed TF4FA development, collaborate with NIST on alignment with NIST Internal Report 8112 A Proposed Schema for Enhancing Confidence in Federated Attributes and analyze standards impacts of 21st Century Cures Act on TF4FA and other privacy and security standards (in collaboration with CBCC) for the Trusted Exchange Framework Discussion for HL7 Policy Advisory Committee- Kathleen

  • FHIR AuditEvent and Provenance ballot comments & FHIR Security Call
  • Project Scope Statement - Medical Devices - Mike Davis