
Difference between revisions of "April 10, 2018 Security Conference Call"

From HL7Wiki
(6 intermediate revisions by one other user not shown)
Line 23: Line 23:
 
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden]
 
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden]
 
|-
 
|-
||.|| [mailto:pknapp@pknapp.com Paul Knapp]
+
|| x|| [mailto:rhonna.clark@va.gov Rhonna Clark]
 
||||.|| [mailto:grahameg@gmail.com Grahame Grieve]
 
||||.|| [mailto:grahameg@gmail.com Grahame Grieve]
 
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
 
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]
||||.|| [mailto:aaron.seib@2311.net Aaron Seib]
+
||||x|| [mailto: Matt Blackman, Sequoia]
 
|-
 
|-
|| .|| [mailto:ken.salyards@samhsa.hhs.gov Ken Salyards]
+
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari]
 
||||x|| [mailto:jim.kretz@samhsa.gov Jim Kretz]
 
||||x|| [mailto:jim.kretz@samhsa.gov Jim Kretz]
||||.|| [mailto:gary.dickinson@ehr-standards.com Gary Dickinson]
+
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman]
 
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
|-
 
|-
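Review bot: the added row `[mailto: Matt Blackman, Sequoia]` has an empty mailto target, so it is not a usable link, and the attendee table in the latest revision shows the bracket text literally. Either supply the address or enter the name as plain text, as in `||||x|| Matt Blackman, Sequoia`.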
Line 38: Line 38:
 
||||.|| [mailto:acg.internajonal@gmail.com Theresa Connor]
 
||||.|| [mailto:acg.internajonal@gmail.com Theresa Connor]
 
|-
 
|-
||. || [mailto:mjafari@edmondsci.com Mohammed Jafari]
 
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
 
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman]
 
||||x|| [mailto: Matt Blackman, Sequoia]
 
  
 
|-
 
|-
Line 54: Line 50:
 
#''(15 min)'' '''[http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany Security Cologne May WGM Agenda]''' - Kathleen
 
#''(15 min)'' '''[http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany Security Cologne May WGM Agenda]''' - Kathleen
  
==Meeting Minutes DRAFT==
+
==Meeting Minutes==
 
Chris Shawn, chair
 
Chris Shawn, chair
 
Roll Call, Agenda Review, Meeting Minutes approval
 
Roll Call, Agenda Review, Meeting Minutes approval
  
http://wiki.hl7.org/index.php?title=April_10,_2018_Security_Conference_Call Meeting Minutes Approval (Kathleen/Johnathan)
+
http://wiki.hl7.org/index.php?title=April_10,_2018_Security_Conference_Call  
Opposed: none; Abstentions: none; Approved: 12
+
* Motion: Meeting Minutes Approval (Kathleen/Johnathan)
 +
* Opposed: none; Abstentions: none; Approved: 12
  
TF4FA Ballot - Mike
+
'''TF4FA Ballot''' - Mike
* time to vote, we're hoping things to go well
+
* Time to vote, we are hoping things go well
 
* Ballot is Normative
 
* Ballot is Normative
* Intend to contue with the PSAF charter (also mentioned on CBCP); have started work on Audit volume 3
+
* Intend to continue with the PSAF charter (also mentioned on CBCP); have started work on Audit volume 3
** Volume 3 will have elements of life cycle eents and Audit and Provenance
+
** Volume 3 will have elements of life cycle events and Audit and Provenance
** A&P are related, the work with did with EHR - Provenance of things an dlifecycle events and audit
+
** A&P are related, the work with did with EHR - Provenance of things and lifecycle events and audit
** first thought is to look into block chain technology--signed ledger idea behind that---trust history; we'e already brough up a little of this...we will not get too detailed in it
+
** First thought is to look into block chain technology--signed ledger idea behind that---trust history; we’ve already brought up a little of this...we will not get too detailed in it
** we have idea of by September by then t ballot in January - depending on how the current two volumes go with Normative
+
** We have idea of by September by then to ballot in January - depending on how the current two volumes go with Normative
  
FHIR Security update _JohnM
+
'''FHIR Security update''' -John M
* we are working through the ONC API and seucirty
+
* We are working through the ONC API and security
** next item was input validation, agreed to add as an item as a high level punch list on security spec
+
** Next item is input validation, agreed to add as an item as a high-level punch list on security spec
** discussion on litmus test to help determine something that rises to the level that we should say something otherwise we will duplicate the exisiting security works--which is not desired
+
** Discussion on litmus test to help determine something that rises to the level that we should say something otherwise we will duplicate the existing security works--which is not desired
** is it input validation?
+
** We didn’t come up with a good litmus test--but we will add... one for now... when is it something specific to securing FHIR vs we should have some recommendation to use a security framework and have a list of some security frameworks--we haven't yet touched upon (it will have to be a topic) ...
** we didnt' come up with a good litmus test--but we will add... one for now... when is it something specific to securing FHIR vs we should have some recommendation to use a seucrit framework and have a list of some security frameworks--we haven't yet touched upon (it will have to be a topic)...
+
**Continuing to work through the ONC paper
**continuing to work through the ONC paper
+
* New time is better meeting time 2PM ET (right before this meeting)
* new time is better meeting time 2PM ET (right before this meeting)
 
  
 
Cologne Agenda - Kathleen
 
Cologne Agenda - Kathleen
 
(DRAFT)
 
(DRAFT)
* picking up on themes discussed
+
* Produced from themes discussed
* opening Security WG
+
* Adjustments made to the Security WGM agenda (discussion)
<<add link>>
+
* [http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany http://wiki.hl7.org/index.php?title=HL7_May_2018_WGM_AGENDA_-_Cologne,_Germany]
* Update on ballot
+
* Updates on ballot, TEFCA, GDPR (specifically to review gaps),
 +
** Request made to not make US specific regarding ONC topic on agenda
 +
* NOTE: DRAFT, not final
 +
* ''' ''Alex to ask EU folk for agenda items''' ''
 +
 
 +
Meeting adjourned at 1235 Arizona Time  --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:35, 10 April 2018 (EDT)
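Review bot: the typo pass is incomplete in the TF4FA bullets, where the corrected line still reads "the work with did with EHR"; "with did" should be fixed in the same edit. In the Cologne Agenda bullets, the added action item `''' ''Alex to ask EU folk for agenda items''' ''` closes the bold markup before the italic it contains, so the quote markup is unbalanced; open and close both together with five apostrophes on each side.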

Latest revision as of 05:13, 15 April 2018

Attendees

| x | Member Name | x | Member Name | x | Member Name | x | Member Name |
|---|---|---|---|---|---|---|---|
| x | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | x | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair |
| x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | x | Mike Davis | x | David Staggs |
| x | Diana Proud-Madruga | x | Francisco Jauregui | x | Joe Lamy | . | Greg Linden |
| x | Rhonna Clark | . | Grahame Grieve | . | Johnathan Coleman | x | Matt Blackman, Sequoia |
| . | Mohammed Jafari | x | Jim Kretz | . | Peter Bachman | x | Dave Silver |
| . | Beth Pumo | . | Bo Dagnall | . | Riki Merrick | . | Theresa Connor |

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (5 min) Review and Approval of April 3rd minutes
  3. (5 min) TF4FA Normative Ballot - time to vote - Mike
  4. (15 min) FHIR Security Updates - John
  5. (15 min) Security Cologne May WGM Agenda - Kathleen

Meeting Minutes

Chris Shawn, chair

Roll Call, Agenda Review, Meeting Minutes approval

http://wiki.hl7.org/index.php?title=April_10,_2018_Security_Conference_Call

  • Motion: Meeting Minutes Approval (Kathleen/Johnathan)
  • Opposed: none; Abstentions: none; Approved: 12

TF4FA Ballot - Mike

  • Time to vote, we are hoping things go well
  • Ballot is Normative
  • Intend to continue with the PSAF charter (also mentioned on CBCP); have started work on Audit volume 3
    • Volume 3 will have elements of life cycle events and Audit and Provenance
    • A&P are related, the work we did with EHR - Provenance of things and lifecycle events and audit
    • First thought is to look into block chain technology--signed ledger idea behind that---trust history; we’ve already brought up a little of this...we will not get too detailed in it
    • We have idea of by September by then to ballot in January - depending on how the current two volumes go with Normative

FHIR Security update - John M

  • We are working through the ONC API and security
    • Next item is input validation, agreed to add as an item as a high-level punch list on security spec
    • Discussion on litmus test to help determine something that rises to the level that we should say something otherwise we will duplicate the existing security works--which is not desired
    • We didn’t come up with a good litmus test--but we will add... one for now... when is it something specific to securing FHIR vs we should have some recommendation to use a security framework and have a list of some security frameworks--we haven't yet touched upon (it will have to be a topic) ...
    • Continuing to work through the ONC paper
  • New time is better meeting time 2PM ET (right before this meeting)

Cologne Agenda - Kathleen (DRAFT)

Meeting adjourned at 1235 Arizona Time --Suzannegw (talk) 15:35, 10 April 2018 (EDT)