This wiki has undergone a migration to Confluence found Here
January 25, 2011 Security Conference Call
Revision as of 23:04, 1 February 2011 by Suzannegw (talk | contribs) (Created page with "=Security Working Group Meeting= * Meeting Information Back to Security Main Page ==Attendees== (expected) * [mailto:coynee@saic.com Ed Coyne] * [mai...")
Security Working Group Meeting
==Attendees== (expected)
- Ed Coyne
- Mary Ann Juurlink
- Suzanne Gonzales-Webb CBCC Co-chair
- Eva Rodriguez HL7 Spain
- Michelle Johnston
- John Moehrke Security Co-chair
- Pat Pyette
- Diana Proud-Madruga
- Richard Thoreson CBCC Co-chair
- Tony Weida
- Craig Winter
Agenda
- (05 min) Roll Call, Approve Minutes & Accept Agenda
- (15 min) Discussion (continued)
- DMAG-UPC/HL7 Spain, DMAG Contribution to the HL7 Seurity and Privacy Ontology
- Presentation to accompany document
Jon Farmer's comments as received in e-mail on January 4, 2011: I see it as relevant to both Security and Privacy as follows:
- Impacts on both Security and Privacy
- the proposal that we embrace a "Digital Rights Management" and "intellectual Property" paradigm; including the proposal to represent protected EHRs with MPEG-21
- the proposal to utilize existing tools and reference models.
- proposal to re-represent some ontology constructs such as convert permission subclasses to individuals
- Impacts on Security:
- proposal to utilize an existing standard RBAC framework, which is purported to be equivalent to ours.
- Impacts on Privacy:
- the proposal to use an existing "rights expression language" if the suggestion is to use it for data consents.
- (5 min) Other Business
Action Items
- (Suzanne) Update RBAC Permission Catalog document (to correct version containing DRG paragraph) on the HL7 site
- (attendees) Review ballot comments being submitted by Andre Carrington to the ITS Group
- (John M) HL7 Security Risk Assessment Cookbook; proceeding to adoption in HL7