This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

July 14th 2009 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Security Working Group Meeting

==Attendees== (expected)


Agenda

  1. (05 min) Roll Call, Approve Minutes & Accept Agenda
  2. (15 min) EHR WG Meeting
  • Meeting information: 770-657-9270 Access: 510269, Today (Tuesday) 3:30-4:30 EST
    • Security has reported to EHR before with no mixed discrepancies
    • We hope they are receptive to the concept (and Security would like to get out of the vocabulary maintainence piece as this is not solely a domain vocabulary, but also includes consumer) domains of course can make domain vocabulary extensions
    • aligning with the EHR makes sense; the work we are doing is providing more than just HL7 content (also HITSP, Healthcare IT community. Note: ANSI provides sponsorship), more discussion needed in the Security WG
    • Steve and Suzanne will report back next week with any comments
  1. (15 min) XML Transformation of RBAC Documents
  • Suggestion to add a page linking to a PDF document
    • per Don Lloyd this suggestion was unacceptable for the ballot
    • Result: The conversion must be done by hand which is a very 'laborious' and 'long' process
    • Steve Connolly has taken on the conversion task
    • A page will be created with the PDF documents as a back up
  • Suggestion to approach publishing saying that the ballot will not benefit with this transformation
  1. (15 min) add link] HL7 Risk Management Document
  2. #(5 min) Other Business what additional action items to we need to do
  • invite people to attend calls, increase awareness, start dialogue on issues with the vocabulary. (we will not have any discussions between the committees about the vocabularies)

Mike would like to ask that the WG take a look at the ballot. The first of August we should have a committment to go with this ballot. An electronic ballot will be sent out to get committment from both working groups (CBCC, Security)

    • if we have existing mappings of the objects to SNOMED or LOINC so that the implementers could see how they align with the RBAC vocabulary, in the short term that would be the most concrete terms...is that feasible to post somewhere? (Ioana)

Response: We could not find a consistent mapping which is why we chose to map to the HL7 EHR FM (Mike). CDA, C-32 documents are being used to code structured documents. if our security polices are not directly supported by this that puts a barrier because now we have to map the document type to the object list that is part of the permission catalog. it just adds another indirect mapping to the process.

Action Items

JOINT DISCUSSION between CBCC & Security to make sure we are all on the same page regarding Privacy in the Constraint Catalog

Back to Meetings