February 24th Security Conference Call
Security Working Group Meeting
==Attendees== (expected)
- Mike Davis Security Co-chair
- Suzanne Gonzales-Webb CBCC Co-chair
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- David Sperzel
- Tony Weida
- Craig Winter
- Russ Hamm
- Steven Connolly
Agenda
- (05 min) Roll Call
- (05 min) Approve Minutes & Accept Agenda
- (15 min) Proposed Update to Operations vocabulary - Tony Weida Operations Vocabulary spreadsheet
A - Code B - Print name C - Synonyms - D - specialization (and gray areas for E - 'Mode' the nature of the nodes for vocabulary (selectable or non-selectable, previously as specialized/non-specializable) is not a leaf is selectable for coding in your model. i.e. archive in privacy and consent can be done in an abstract section. F - Descritpion; may be updated due to worthsmithing, or other G - Description taken from ActStateTransitioinOperation
- H - L, Proposed Value Sets
- I,J,I collection, may/may not be used, combined in collection use and disclosure (these are suggested value sets to be entered in the the 'represetative domain' to work if appropriate by any HL7 realm) checkmarks are being specifically named for inclusion for HL7 realm; black squares indicated those which may follow.
- Taxonomy - need to see how this relates to the current standard.
- Suggestion: (MDavis) if you look at execute as difined so far is at the same level as the primitives, it should be moved over one to the right, so that it falls under the execute term...so that we have create, delete, modify so that th
execute: is something generic that you apply directly to a piece of software which in turn may operate or other things. From a conceputal level (vs software artifacts) you can think about copying apatient record or converting a message from V2 to V3 or a document from English to Frnech...which are implemented by software. Ata security level you are concerned about by primitive operations on protected objects. privacy and consent level are things you want people able to do as directed by privacy and consent directives.
- we want to be able to harmonize this vocabulary with security; (i.e. move would be a delete and create)
- (15 min) Item2
- (15 min) Item3
- (5 min) Other Business