October 11, 2011 Security Conference Call
Contents
Security Working Group Meeting
==Attendees== (expected)
- Bernd Blobel Security Co-chair, absent
- Bill Braithwaite, MD
- Kathleen Connor
- Tom Davidson
- Mike Davis Security Co-chair
- Jon Farmer
- Suzanne Gonzales-Webb CBCC Co-chair
- Russ Hamm
- John Moehrke Security Co-chair
- Milan Petkovic
- Pat Pyette
- Diana Proud-Madruga
- Scott Robertson
- Ken Salyards
- Richard Thoreson CBCC Co-chair
- Ioana Singureanu
- David Staggs
- Serafina Versaggi
- Tony Weida
- Craig Winter
Security Working Group Meeting
Attendees
TBD
Agenda
- Roll Call, Approve previous meeting minutes, Accept Agenda
- Inclusion of International Security Members Addition of call or updating one call a month to a more agreeable international time?
- Security and Privacy Ontology work Tony Weida, Ed Coyne (?)
- Increase active role in ‘’Refactor of Confidentiality Codes’’ a CBCC-sponsored project – Should this topic be discussed during the Security meeting or should discussions be limited to CBCC meetings? The project is intended to be joint work—CBCC is sponsor.
- EHR Functional Model Assistance requested in closing the Security-related comments on the EHR Functional Model ballot; on how they want their catalog to be used.
- S&I Framework Discussion of any overlap.
- Data Segmentation (note there is call overlap, John Moehrke will be attending this call)
Meeting Minutes
Roll Call, Approve previous meeting minutes, Accept Agenda
Note: Italisized text is carried forward from 10/04/2011 meeting Inclusion of International Security Members Addition of call or updating one call a month to a more agreeable international time?
Security and Privacy Ontology work Tony Weida, Ed Coyne (?)
Increase active role in Refactor of Confidentiality Codes’’ a CBCC-sponsored project – Should this topic be discussed during the Security meeting or should discussions be limited to CBCC meetings? The project is intended to be joint work—CBCC is sponsor. We need to answer the question: How are implementers supposed to use this? (add link see Mike’s paper )
- Incorporate the use case – manage, assign, receive when then get confidentiality codes; these need to be further defined in the Security-Privacy DAM (one of the project scope deliverables for the Refactor Confidentiality Code project)
intended to be joint work between CBCC and Security.
- ACTION ITEM: consider amending the refactor project scope or create a new project for the security portion. Where the obligations be carried will be different---they are a metadata of the transaction; further discussion (meta data vs. payload) needed. This piece is also missing from the Security-Privacy DAM. Also, between ontology and other vocabularies in the DAM that need to be enumerated in the US-realm. Have a catalog of existing code-sets that relate to the DAM and inspect and see if they are useful/restricted to the US Domain. Between that work and code-sets and confidentiality codes this will not perform surgery in those code-sets…some of this is also being done in the ontology work. (ontology work—international or US realm? Currently restricting to US to start, but would like to expand to international)
EHR Functional Model
Assistance requested in closing the Security-related comments on the EHR Functional Model ballot; on how they want their catalog to be used. John Moehrke is looking for volunteers to walk through the public comments--to assist EHR WG dispose of these comments. Entails a few meetings, accept/modify the comments and return information to the EHR WG with results. Please contact: John Moehrke (Kathleen has volunteered to assist)
- Meta-data for EHR functional model; project on meta-data criteria for HIE
Presented to EHR WG but unsure if a formal project has been established. (Relation to HHS-ONC…xxx information.)
S&I Framework – (discussion item) overview report to make sure we are all on the same page with other work going on. Discussion of any overlap.
Data Segmentation (note there is call overlap, John Moehrke will be attending this call)
