This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

March 24, 2015 Security WG Conference Call

From HL7Wiki
Jump to navigation Jump to search

Attendees

x Member Name x Member Name x Member Name
x Mike DavisSecurity Co-chair . Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
. Alexander Mense Security Co-chair . Ken Salyards . Don Jorgenson
. Trish WilliamsSecurity Co-chair . Gary Dickinson . Tim McKay
x Kathleen Connor . Ioana Singureanu . Mohammed Jafari
x Suzanne Gonzales-Webb x [mailto: Rob Horn] . Galen Mulrooney
x Diana Proud-Madruga . Reed Gelzer x William Kinsley
x Rick Grow . [mailto: Oliver Lawless] . Paul Knapp

Back to Security Main Page

Agenda DRAFT

  1. (05 min) Roll Call, March 17 Meeting Minutes
  2. (10 min) FHIM S&P Modeling Project Wiki and Call Logistics - Kathleen
  3. (10 min) Vocabulary Alignment Project - Diana/Reed
  4. (30 min) Proposed HL7 Responses to Questions posed in the ONC Nationwide Interoperability Roadmap - Kathleen
  • For discussion:
    • What security aspects of RESTful services need to be addressed in a standardized manner?
    • Ubiquitous, Secure Network Infrastructure E.1 Cybersecurity and E.2 Encryption [p. 55]
    • Verifiable Identity and Authentication of All Participants [p. 58]
  1. (as time allows) FHIR disposition - review/discussion, ongoing agenda item
  2. (05 min) Other business, action items, and adjournment

Meeting Minutes

Approval of March 17 Meeting Minutes

  • The WG unanimously approved the minutes from the March 17 meeting.

FHIM S&P Modeling Project Wiki - Kathleen

  • The FHIM group reviewed Mike's mapping of the EHR, Security and W3C Provenance terms. It also started to look at the Open Data Model, which not only addresses the provenance of an artifact or activity, but also addresses the provenance workflow.
    • So, the FHIM group will consider whether the FHIM Data Model for Provenance includes some of the content described in the Open Data Model.
  • In addition, the group started to investigate the privacy and security issues around ensuring that the data provenance is left untampered.

Vocabulary Alignment Project - Diana

  • The project team completed a first pass through Mike's spreadsheet that maps the EHR, Security and W3C Provenance terms. Project participants discovered that the vocabulary mapping either shows a one-to-many relationship among the three domains or, in some cases, one-to-one.
    • Mike remarked that the Security and Provenance terms match each other better, and that the EHR-S Record Lifecycle Event terms are not very well-defined.
  • The team identified some Security "orphans," or terms that are in the EHR-S Functional Model, but do not appear as Record Lifecycle Events. Mike stated that the vocabulary alignment effort should move toward Security adopting the vocabulary that EHR determines; however, Security's vocabulary is more expansive than that of EHR's.
  • The next step is to narrow down the terms in order to figure out how Security and Provenance fit within FHIR. Mike is not sure what EHR's goals are; therefore, Diana will follow up with Reed and Gary on Friday to see if they can pursue a better approach to defining the EHR-S Record Lifecycle Event terms.
  • Kathleen added that EHR must develop appropriate definitions that can make it to harmonization in HL7 because if Security wants to use EHR's vocabulary in a normative context, EHR needs to have its vocabulary in HL7, and not in ISO.

Proposed HL7 Responses to Questions posed in the ONC Nationwide Interoperability Roadmap - Kathleen

  • SECTIONS TO WHICH SECURITY IS RESPONDING:
    • What security aspects of RESTful services need to be addressed in a standardized manner?
    • Ubiquitous, Secure Network Infrastructure E.1 Cybersecurity and E.2 Encryption [p. 55]
    • Verifiable Identity and Authentication of All Participants [p. 58]
  • Kathleen shared and discussed the proposed HL7 responses to these sections of the roadmap.

# (as time allows) FHIR disposition - review/discussion, ongoing agenda item

Meeting adjourned at 1306 PDT