This wiki has undergone a migration to Confluence found Here
October 20th 2009 CBCC Conference Call
Back to CBCC Main Page
Attendees
- Bernd Blobel Security Co-chair, absent
- Tom Bonina
- Steven Connolly
- Mike Davis Security Co-chair
- Suzanne Gonzales-Webb CBCC Co-chair
- Don Jorgenson
- Glen Marshall Security Co-chair
- Rob McClure
- Steve Meyer
- John Moehrke
- Milan Petkovic
- Pat Pyette
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- Serafina Versaggi Scribe
- Tony Weida
- Scott Robertson
- Craig Winter
Agenda
- (05 min) Roll Call, Approve Minutes & Accept Agenda
- (20 min) Privacy Consent DAM Ballot reconciliation - Canadian Comments
- (65 min) PASS Consent Requirements Draft version 0.01 discussion http://hssp-security.wikispaces.com/PASS+Consent
Minutes
- Agenda items approved.
- Question raised as to whether we will review the PASS Consent Requirements Draft in this meeting
- Pat indicates there is some preliminary work that needs to be done. It is up to the Work Group to decide whether to participate in the process or wait for work to be done within the PASS project and review the results. For now, this will remain an item on next week’s agenda
1. Privacy Consent DAM Ballot - Canadian Comments
- Item #16: Shared Secret: In Canada, the term Keyword is used to describe the concept for protecting records through the use of a password or similar mechanism and there are basically two options for access to protected health information:
- client may share health record within the constraints of default policy of the jurisdictional EHR;
- client may say, I don’t want to share my information with anyone.
- So you’re either in (1) or out (2). Both ways, information goes into the EHR, but in the case of (2), temporary access is granted by the client to the provider through use of a “keyword”, which allows the information to be retrieved.
- The way the term Shared Secret is used in the Privacy DAM is similar to the concept Keyword.
- Shared Secret is already defined in version 1 of HL7 messaging standards
- Shared Secret will replace the term Keyword throughout the DAM
- Pat will provide the definition for Shared Secret, which will come from the definition for Keyword as used by the Canadians
- Item #23: Pat unable to obtain information from Andre to address this vote.
- The Disposition changed from Pending Input from Submitter to Not-Persuasive
- Item #29: This use case was not include in the analysis, yet it is something that should be looked at in the future to see whether it will impact the DAM as it will likely impact the behavior model.
- Disposition changed to Consider for Future Use
- Item #50: Pat will add three additional statements to the Assumptions section of the Provider Overrides Consent Directive (Break Glass) use case on the wiki.
- The DAM will be updated. The disposition changed to Persuasive.
- Item #51: The inclusion of additional terms and definitions for this concept (consent, dissent, directives, deemed consent, express consent, implied consent) is confusing and the terms are not used again in the document.
- The definition for the term Consent Directive will read “A client’s instructions regarding consent to collect, use, and/or disclose individually identifiable health information”.
- This definition retains the intention that it is a client’s right to direct these instructions to the entity.
- The disposition changed Persuasive
- Item #56: the term Consent Originator is not defined and only mentioned once in the definition for Consenter.
- The definition for Consenter will be updated to read: “A person who consents to the collection, use or disclosure of a Client's PHI or IIHI.”
- Will resume Canadian comment review next week starting with Item #57
- On the agenda for next week: review draft CDA Implementation Guide. Ioana will distribute to WG in advance
- Motion by Pat to adjourn meeting at 3:10 PM EDT
- Seconded by Suzanne
- No significant motions or decision were made