This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

February 17, 2015 Security WG Conference Call

From HL7Wiki
Revision as of 20:14, 17 February 2015 by Suzannegw (talk | contribs)
Jump to navigation Jump to search

Meeting Information

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name
x Mike DavisSecurity Co-chair . Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
x Alexander Mense Security Co-chair . Ken Salyards . Don Jorgenson
. Trish WilliamsSecurity Co-chair . Gary Dickinson . Tim McKay
x Kathleen Connor . Ioana Singureanu . Mohammed Jafari
x Suzanne Gonzales-Webb . Paul Knapp . Galen Mulrooney
x Diana Proud-Madruga . Reed Gelzer x William Kinsley
x Rick Grow . Steve Hufnagel . [mailto: Lloyd McKenzie]

Back to Security Main Page

Agenda DRAFT

//Need to update//

  1. (05 min) Roll Call, February 10 Meeting Minutes
  2. HL7 Security January 2015 WGM Minutes Review and approve
  3. (10 min) FHIM S&P Modeling Project Wiki and Call Logistics - Kathleen
  4. (10 min) Vocabulary Alignment Project - Diana/Reed
  5. (as time allows) FHIR disposition - review/discussion, ongoing agenda item
    1. Prepared to be ready to Vote
      1. 5393 -- Jan 2015 Ballot Comment #282
      2. 5394 -- Jan 2015 Ballot Comment #283
      3. 3945 -- add a new value to the issue type valueset
      4. 5658 -- Update the ASTM signature purpose with definitions from the ASTM specification
    2. Ready for Discussion
      1. 3411 --Source should be removed from Provenance Agent Role valueset
        1. I think we should evaluate all of the vocabulary in Provenance Agent Role against W3C. It seems that when we looked at this last week the W3C had a very small value-set that was more clear that it was roles that could create/update content. Where as the vocabulary today in FHIR is larger and less clear.
        2. Need someone to suggest the harmonized list. I think Kathleen said she would show us this trimmed version.
      2. 5398 Jan 2015 Ballot Comment #287
        1. Expand on Provenance.agent.reference to include the same capability to reference specific FHIR objects as SecurityEvent has. I think this is ready for vote, but likely needs discussion first.
      3. 5541 -- Add best practice narrative on suppressing data for client access of a resource
        1. I think this is a duplicate of 3945, in the to be voted on list above. Presume when we add the item, we add narrative. Or we could change 5541 into narrative for the security page, or http page, or query page… need discussion.
      4. 3298 Binary resources can be subverted for cross-site scripting
        1. Need someone knowledgeable in the vulnerability and attack to write a paragraph
      5. 5525 -- Consent Directive does not appear to be aligned with the 80%
        1. Read all the comments in the CP and discuss.
  6. (05 min) Other business, action items, and adjournment

Meeting Minutes