This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

March 12, 2013 Security Working Group Conference Call

From HL7Wiki
Jump to navigation Jump to search

Security Working Group Meeting

Back to Security Main Page

Attendees

Back to Security Main Page

Agenda

  1. (05 min) Roll Call, Approve Minutes & Accept Agenda
  2. (15 min) Security and Privacy Ontology Work (IRIs, conformance, level of assurance, operations) - Tony
  3. (15 min) May 2013 WGM Ballot Materials / HCS IG review (pre-ballot review)
  4. (15 min) Item3
  5. (05 min) Other Business

Meeting Minutes

Roll Call, Approve Minutes & Accept Agenda Rolle taken, Mike Davis, Chair

Meeting minutes from February 26, 2013 were approved (vote: 7 affirmative / 0 negative / 1 abstention (Reed Gelzer)


Meetings Minutes for Febary 27, 2013 Approved: 7/0/one abstentions (Reed Gelzer)

Security and Privacy Ontology Work (IRIs, conformance, level of assurance, operations) - Tony Weida ACTION ITEM: Conformance Statement Document to be circulated to listserve <add link: conformance statement document>

Noted website: http://www.hl7.org/ontologies/SecurityAndPrivacyOntology.owl

  • Conformance Statement required as part of balloting procedures.
    • 6 major Conformance statements in document

Discussion: Is there a way to mask digital information without encryption?

  • Encryption is a mechanism which is different than a thing (as masking), encryption is a method for doing masking. What is comprable to masking is to make it unavailable---so, unless you have permission to see it (data), you can’t see it---you don’t have to encrypt something (i.e. data) to not see it, this can be accomplished through access control methods. (This is a security view per Mike’s claim)


Tony is looking for a definition for deduplicate currently has a temporary definition listed ( remove redundant copies of data) in a sense similiar to meaning how you can anonymize or deanonymize--as an inverse of practically anything. Anonymize and deanonyize are both intentional .

  • According to world dictionary: deduplicate means to remove duplicated materials.
  • Defintion: (sources needed)


Status of Ontology Ballot Ballot needs to be submitted on Sunday

Ballot Status: Tony is cranking away—will contact Don Lloyd (HL7) about having more time if necessary. Tony will be using the same format as before--word or pdf document with a zip file for actual OWL ontology.

ACTION ITEM: Tony to discuss to Don for extension if necessary; otherwise Tony submit what he has completed and beg for an update to what has been submitted.

ACTION ITEM: Tony must notify co-chairs of his decision

Question: How much additional work is needed? Will it be ready Friday/Saturday?

  • Tony will make use of all time available until public review…on March 25, unless Don sets shorter time
  • Add time for ontology discussion for next week security agenda
  • Other questions, issue? (none at moment per Tony)

Healthcare Privacy and Security Classificatoin Ssytem - Kathleen

  • Completed the draft as QA, ballot cleanut in progress. Bulk of the work
  • Section onusing security labels with roles and users
  • All pieces should be ready for submission on Sunday (on-time)
  • A request for extension should not be required.
  • Final version will/should be ready by Friday---

ACTION ITEM: Security group to review HCS IG for major things (show-stoppers) for input; otherwise comment should be reserved for ballot time.

Note: In the guide, some informative examples on how a document might look once the HCS has been applied to it—i.e. some developer input. That final part of it may still need to be completed.

ACTION ITEM: Guide will be posted to the listserve for the HCS draft guide

HIMSS Meeting Information on Data Segmentation for Privacy (DS4P) can be found via link: http://wiki.siframework.org/Data+Segmentation+for+Privacy+Charter+and+Members

No other business.

Meeting adjourned.

Action Items

Back to Security Main Page