This wiki has undergone a migration to Confluence found Here
HL7 FHIR Security 2018-04-17
Revision as of 13:39, 17 April 2018 by JohnMoehrke (talk | contribs) (Created page with "==Call Logistics== Weekly: '''Tuesday at 02:00 EST''' Web conference desktop and VOIP https://www.freeconferencecall.com/join/security36 Online Meeting ID: security36 Pho...")
Call Logistics
Weekly: Tuesday at 02:00 EST
Web conference desktop and VOIP https://www.freeconferencecall.com/join/security36 Online Meeting ID: security36 Phone: +1 515-604-9567, Participant Code: 880898 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
| Member Name | Member Name | Member Name | ||||||
|---|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-Chair | x | Kathleen Connor Security Co-Chair | x | Alexander Mense Security Co-chair | |||
| . | Suzanne Gonzales-Webb CBCC Co-Chair | x | Johnathan Coleman CBCC co-chair | . | Chris Shawn Security co-chair | |||
| . | Ali Massihi | . | Mike Davis | x | Nathan Botts Mobile co-chair | |||
| x | Diana Proud-Madruga | x | Joe Lamy AEGIS | x | Beth Pumo | |||
| . | Irina Connelly | x | Matt Blackman Sequoia | . | Mark Underwood NIST | |||
| . | Peter Bachman | . | Grahame Greve FHIR Program Director | x | Kevin Shekleton (Cerner, CDS Hooks) | |||
| x | Luis Maas EMR Direct | . | Dave Silver | x | Francisco Jauregui |
Agenda
- Roll;
- approval of agenda
- approval of HL7 FHIR Security 2018-04-03 Minutes
- Anouncements
- Johnathan specific guidance given a paper from ONC that might guide improvements to the security guidance
- Johnathan sends regrets
- KEY PRIVACY AND SECURITY CONSIDERATIONS FOR HEALTHCARE APPLICATION PROGRAMMING INTERFACES (APIS)
- Review Access Control section for improvement opportunities
- Action: everyone
- Continuous security testing and remediation
- Using off-the-shelf and open-source tools to simulate attacks, code inspection, and in other ways probe for vulnerabilities, and remediation of those vulnerabilities following Risk-Management methodology.
- All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
- Improvement beyond SMART scopes
- Patient Directed backend communication
- Oauth App Registration
- Certificate Management
- New business
ACTIONS
references
- stream for Security and Privacy discussions. Specification development, and Implementation.
- stream for Patient Empowerment. Discussions about empowering patients. Focus on deployment and advocacy.
- Proposed FHIR Connectathon track for Cologne -- GDPR
- Blockchain FHIR Connectathon
- Grahame is trying to find a community wanting to 'play' with blockchain. He is willing to standup the infrastructure.
- See blockchain zulip stream https://chat.fhir.org/#narrow/stream/blockchain
