This wiki has undergone a migration to Confluence found Here
October 30, 2018 Security Conference Call
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
---|---|---|---|---|---|---|---|---|---|---|
x | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | x | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair | |||
x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | x | Mike Davis | . | David Staggs | |||
x | Diana Proud-Madruga | . | Johnathan Coleman | . | Francisco Jauregui | . | Joe Lamy | |||
. | Theresa Ardal Connor | . | Greg Linden | . | Grahame Grieve | . | Dave Silver | |||
. | Beth Pumo | x | Jim Kretz | . | Peter Bachman | . | Bo Dagnall |
Agenda
- (2 min) Roll Call, Agenda Approval
- (2 min) Review and Approval of Minutes
- (10 min) Review last block of TF4FA Vol 1 and 2 Ballot comments: 147 - 161 from TF4FA Recon call Final vote on the last of the dispositions is scheduled for 10/30.
- (2 min)Update on revision of PASS Audit
- (5 min) TF4FA Trust Framework, Volume 3 - Update Mike
- (1 min) NOTE Need to get <<add project name>> NIB done this week. Have to get HQ to set up NIB - Kathleen
- (15 min) CUI in Healthcare Background, history, general requirements, and implications for healthcare - Chris Shawn
- (15 min) Controlled Unclassified Information (CUI) Harmonization Proposal - Kathleen
- (5 min) FHIR Security Update - John
- Blockchain and FHIR use-cases as presented by Abigail Watson at the HL7 WGM. Link to the PDF version on their Google Drive. Link sharing is on, and that should be able to handle as much traffic as we can throw at it; and we can point at it from blog posts, the Symptomatic website, and elsewhere. link
- FHIR-Security call will be alternating between core FHIR Security topics, and work on FHIR Connectathon - Care Plan scenario
- (5 min) GDPR whitepaper on FHIR Update - Alex
Meeting Materials
- CUI Rule 32 CFR Part 2002
- SP 800-171A
- CUI Marking Handbook
- CUI Health Information Category
- CUI Registry: Limited Dissemination Controls
- CUI Policy and Guidance
- CUI Glossary
- CUI Updated Training Videos
Introduction to Marking CUI (updated August 6, 2018) Introduction to Marking CUI (updated August 6, 2018) This video provides an overview of how to mark documents, emails, presentations, systems, and other files that contain CUI. It specifically addresses the designation indicator and the CUI banner marking, including the CUI control marking, CUI category markings, and Limited Dissemination Control Markings. It also discusses portion marking, the use of cover sheets, marking multi-page documents, and decontrolling CUI. NIST CUI Security Requirements Workshop 10/18/18 Everything you ever wanted to know about CUI
- CUI Security Requirements Workshop Agenda
- Workshop Video
- Controlled Unclassified Information: Unauthorized Disclosure: Prevention and Reporting
Meeting Minutes DRAFT
Chair, TBD