March 12, 2013 Security Working Group Conference Call
Contents
Security Working Group Meeting
Attendees
- Bill Braithwaite
- Kathleen Connor
- Mike Davis Security Co-chair
- Suzanne Gonzales-Webb CBCC Co-chair
- Adrianne James
- Diana Proud-Madruga
- Richard Thoreson CBCC Co-chair
- Tony Weida
- [mailto: Reed Gelzer]
Agenda
- (05 min) Roll Call, Approve Minutes & Accept Agenda
- (15 min) Security and Privacy Ontology Work (IRIs, conformance, level of assurance, operations) - Tony
- (15 min) May 2013 WGM Ballot Materials / HCS IG review (pre-ballot review)
- (15 min) Item3
- (05 min) Other Business
Meeting Minutes
Roll Call, Approve Minutes & Accept Agenda Rolle taken, Mike Davis, Chair
Meeting minutes from February 26, 2013 were approved (vote: 7 affirmative / 0 negative / 1 abstention (Reed Gelzer)
Meetings Minutes for Febary 27, 2013 Approved: 7/0/one abstentions (Reed Gelzer)
Tony Weida: IRIs http://www.hl7.org/ontologies/SecurityAndPrivacyOntology.owl • Conformance Satement required as part of balloting procedures. 6 major Conformance statesments will be circulated by Tony witht heGroup
Is there a way to mask something without encrypting it? • Encryption is a mechanishm which is different than a thing (as masking) encryptin is a method for doingmasking. What is acceptable to masking is to make it unabialavle. –unless you ahv permission to see it, you can’t see it---you don’t have to enrypt it to not see it, y ou also have access control. (this si a security view per Mike’s claim) Looking for a definition for reduplicate (‘remove redundant copies of data); ‘i.e. you can anymize or deanonymize… an inverse of practically anything…. Anonymize and deanonyize are both intentional . According to world diction: to remove duplicated materials.
Defintion: (sources needed) Status of Ontology Ballot that needs to be submitted on Sunday.
Ballot Status: Tony is cranking away—will contact Don about having more time. As the same format as before, a word or pdf document with a zip file for .owl ontology. • ACITON ITEM: Tony to discuss to Don, submit what you have and beg for an update to what has been submitted; tony must notify co-chairs • How much additional work is needed? Will it be ready Friday/Saturday? o Will make use of all avialble time until public …3/25… unless Don sets s shorther time o Add time for discussion for next week security agenda o Other questions, issue? (none at moment per tony)
Healthcare Privacy and Security Classificatoin Ssytem • Completed the draft as QA, ballot cleanut in progress. Bulk of the work • Section onusing security labels with roles and users • All pieces should be ready for submission on Sunday (on-time) • A request for extension should not be required. • Final version will/should be ready by Friday---asking group for major things (show-stopper) for input; otherwise comment should be reserved for comment during ballot time.
It will have in the guide, some informative exampels on how a document might look once the HCS has been applied to it—some developer input. That final part of it, we’re at the last minute trying to complete ACTION ITEM: Guide will be posted to the listserve for the HCS draft guide
No other business. Meeting adjourned.