This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

September 7th, 2010 Security Conference Call

From HL7Wiki
Jump to navigation Jump to search

Security Working Group Meeting

Back to Security Main Page

Attendees

Agenda

  1. (05 min) Roll Call, Accept Minutes August 31st Security Work Group, Call for additional agenda items & Accept Agenda
  2. (05 min) Pat Pyette - PASS Audit Update
  3. (05 min) John Moehrke - John’s updates regarding the Risk Assessment
  4. (50 min) Security and Privacy Ontology project

Minutes

1. Action Items

  • Tony: Request administrative privileges to update GForge.
    • Mike to approve once request has been submitted
  • Mike: Will check with VA terminologists about whether LOINC clinical object codes have been linked to SNOMED-CT

2. Resolutions - none

3. Updates/Discussion

PASS Audit Update

No update today, but this ballot is now open. Please sign up to vote.

Security & Privacy Ontology Project

  1. LOINC to RBAC discussion:
    • This discussion related to examining the LOINC objects to determine which map to HL7 permission catalog and how they would map to SNOMED CT.
    • The purpose is to determine how we will use the ontology to link a different ontology (a bridge ontologies—which we may use or SNOMED CT directly)
    • Question: Is this a new ontology vs. an update to the current ontology?
      • Yes, we wouldn’t’ necessary put these items in the RBAC catalog directly — instead we should be able to map these terms to the various linkages, e.g., to SNOMED-CT.
    • The premise is that the relationship to SNOMED-CT has been harmonized to LOINC. Mike will check with the VA terminologies to confirm this assumption.
      • The examples used in ASTM-1986-09 have been mapped to SNOMED CT as much as possible.
      • Tony: The UMLS® (Unified Medical Language System), is one source of mapping that we could use in an attempt to extract these relationships to see what it reveals.
        • The UMLS is a meta-thesaurus maintained by the National Library of Medicine (NLM). Its purpose is to facilitate the development of computer systems that behave as if they "understand" the meaning of the language of bio-medicine and health. NLM produces and distributes the UMLS Knowledge Sources (databases) and associated software tools (programs) for use by system developers in building or enhancing electronic information systems.
      • This is very appealing because it would give a linkage from RBAC to these objects at a finer level of granularity. Are there are folks on the call who would like to work as a subgroup on examining this in more detail?
    • Jim Kretz: This listing (from RBAC Permission Catalog) is hardly unique or exhaustive. What does the distinction between laboratories study, pathology or procedure note buy you?
      • Mike: The permission catalog has actions/objects. We have high level objects in the RBAC permission catalog and one of our tasks as part of this project is to map our ontology to another ontology - specifically SNOMED-CT.
      • We’ve looked at SNOMED-CT in the past for instances of objects in the RBAC catalog, but this doesn’t map very well. So we're thinking we should create a bridge technology that would map our ontology to some intermediary which is then mapped to SNOMED-CT.

Tony has posted the first draft of the Security-Privacy Ontology expressed in OWL 2 and suitable for viewing with the Protégé 4.1 OWL Editor.

  • In addition, for those who are not using Protégé, there is a Word document with screen shots and other information.
    • Corresponding wiki entries will be made after Tony Weida obtains proper wiki access.
    • Tony will pass along files to Serafina and Suzanne until he is able to post on GForge.
    • Tony will make a request to join the HL7 Security GForge space. Mike can then approve the addition.

Back to Security Main Page