October 21st 2008 Security Conference Call
Attendees
- Mike Davis Security Co-chair
- Glen Marshall Security Co-chair
- Bernd Blobel Security Co-chair
- Suzanne Gonzales-Webb CBCC Co-chair
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- Tonya Newton
- Bob Horn
- Frank Din
- Craig Winter
Agenda
- (05 min) Roll Call
- (05 min) Approve Minutes & Accept Agenda
- (15 min) Update to RBAC Privacy and Authorization Terminology Project Scope Statement v0 3
- (15 min) Vocabularies identified in October 14 meeting:
Goal is to use exisiting vocabulary for a POU, to allow/direct access to functional roles to an EHR or PHR. Extend vocabulary to make richer--how much richer? We need to figure out how to leverage and use them in security for authorization and support for consent directives. 'Less is more' (MDavis opinion) Note: that many of the objects are clinically related and may be inappropriate for Patient use/Patient access.
Question: Additional vocabularies to be added later? i.e. Nursing or Provider taxonomy, or other clinical taxonomy. Is this list a comprehensive list? Answer: By testing we will see how it will fit. Would like to recommend that SNOMED be first and see what gaps we find. This will lead us to inform us as we go along. Will lead to more comprehensive idea of what structure we are trying define.
By focusing on these lists of vocabularies we may be limiting ourselves. It makes more sense to start at the larger objects so that we have the opportunity to divide into smaller vocabularies more related to RBAC, workflow processes
- SNOMED
Very general in a provider's role.
- ICD-10 (or possibly ICD-11 which would be linked/mapped to SNOMED)
- RadLex [RadLex.org RadLex.org] an ACR, RSNA recognized vocabulary
Use: When you get to procedures and procedure steps, inserting terminology, in a sense similiar to LOINC.
- LOINC
- (15 min) Decision Making Practices (see CBCC document as example CBCC Decison Making Practices)
- (5 min) Other Business
