Security Work Group Weekly Conference Call

Meeting Information

Attendees

• Tabitha Albertson
• Bernd Blobel Security Co-chair, absent
• Bill Braithwaite, MD
• Steven Connolly
• Mike Davis Security Co-chair
• Suzanne Gonzales-Webb CBCC Co-chair
• Allen Hobbs
• Don Jorgenson
• John Moehrke Security Co-chair, absent
• Pat Pyette
• Cliff Thompson
• Richard Thoreson CBCC Co-chair
• Serafina Versaggi, scribe
• Tony Weida
• Craig Winter

Agenda

1. (05 min) Roll Call & Call for Additional Agenda Items
2. (55 min) Report Out from Phoenix Working Group Meeting
   • Elections
   • Status of Security & CBCC WG response to MU
   • Ballot reconciliation
     • Security DAM
     • CDA R2 Implementation Guide for Consent Directives
     • PASS-Alpha Access Control
   • New Projects
     • Medical Device Security in Distributed Systems Scope Statement (DRAFT)
     • Privacy Policy Templates
     • Security and Privacy Ontology Scope Statement
     • Revised Security Domain Analysis Modeling Project Scope Statement

1. Action Items:

• Serafina to follow up with HL7 leadership to determine process for submitting WG response to MU IFR
• Team: please read MU IFR (focus on pages 81-94 and Table 2B) and provide comments at next Tuesday's meeting

2. Report Out from Phoenix WGM

Announcements

• Elections
  • John Moerhke elected Security Co-Chair
  • Mike Davis re-elected Security Co-Chair
  • Steve Connolly appointed Vocabulary Facilitator for Security WG
• John Moehrke presented a Risk Assessment methodology for HL7 to the TSC meeting on Monday which was very well received

Status of Security & CBCCC response to MU IFR

• Deadline for response is March 15
• Mike noted that many in this committee are responding to the IFR from their parent organization’s perspective
• Bill Braithwaite reported that HL7 will be submitting a consolidated response for aspects of comments that are HL7 standards specific. An electronic process for submitting work group comments to the HL7 committee is reportedly to be established
• Serafina to check with HL7 leadership and will report back on process for submitting comments to HL7
• Please read MU IFR in advance of next Tuesday’s meeting and bring your comments

Ballot Reconciliation

Ballot resolution for three ballots took place in joint session with Security, CBCC and SOA WGs

• Security DAM ballot - comments resolved during WGM. Reconciled ballot has been posted on GForge and notification sent to the Security/CBCC lists on 1/27/2010
• CDA R2 IG For Consent Directives ballot – comments resolved during WGM
• SOA – PASS Access Control ballot – comments resolved during WGM

Rio Working Group Meeting - May 2010

• Security WG will be in session
• If we are able to ballot for May, Security DAM ballot reconciliation will take place
• There are costs associated with delaying progress on these ballots
• No issue about balloting things, but ballot reconciliation works better in person
• Richard raised a concern about the title for the Security DAM. It does not explicitly include Privacy in the title of the scope
  • Scope statement includes reference to Privacy explicitly but Mike will add the term Privacy to the title of the Scope Statement prior to submitting to TSC

New Projects

• Medical Device Security in Distributed Systems
  • Scope statement crafted during the meeting
  • Health Care Devices (HCD) to sponsor; Security WG will co-sponsor along with other WGs
  • Scope statement will be sent to HCD for approval for September 2010 ballot
• Privacy Policy Templates
  • Create set of pseudo code policies for consumer consent that will be balloted
  • OID assigned to each policy allowing them to be used in formal language like XACML or referenced in a CDA R2 message using an HL7 OID. In the R2 message, specify the attributes that belong to that policy. CDA R2 is not a formal policy language, it applies to an instance of a policy, and needs some reference to a policy
  • Scope statement has prepared by Pat and Don (to be presented next week)
• Security and Privacy Ontology project
  • Bernd made a presentation on ontologies at an EHR work group session and again on Thursday Q4 in a joint SOA, SBCC & Security meeting
  • SOA is also submitting a project for ontology. Mike and Ken Rubin discussed and agreed there are two separate ontology viewpoints and therefore two separate projects
  • Both projects will create SAEAF artifacts
  • Projects will share techniques, policies, tooling
• Revised Security DAM
  • Ioana proposed the creation of a consolidated Security and Privacy DAM.
  • The consolidated DAM will allow specializations of the DAM that are focused on Security and/or Privacy
  • A revised scope statement was submitted on 31 January to reflect the intent to ballot the consolidated DAM as a DSTU ballot in May. If we are unable to make this date, we will withdraw and ballot in Sept 2010
  • While the initial scope statement reflected the consolidation of the two DAMs, steering division approval is required to move the Security DAM from Informative
  • If any objections are raised to balloting as DSTU, we will argue both DAMs are intended for external use and therefore merit normative status. In addition, the Composite Privacy DAM is already DSTU. External organizations want/need to reference normative standards. This goes beyond the scope of HL7 internal use only
    • For example, Steve is working on taking the Security Information model and creating a US realm specific instance by populating it with standards and value sets. We plan to turn this work over to the FHIMS group (Federal Health Information Modeling and Standards)

3. Discussion

Security and Privacy Ontology Scope Statement Review

• Goal for this review is to obtain approval for this scope statement as is written in today’s meeting
• Question about the different viewpoints related to ontologies (SOA and Security)
  • Security: Business case proposed for security – focused on specific security considerations, e.g., security management in terms of decision support; approving efficiency of authorization engine decisions
  • SOA Ontology project is focused on SOA services and vocabularies to support that. SOA has a broader scope and less specificity.
    • Review SOA Wiki page for more details
  • Ontologies are specific to a viewpoint. Part of our work is to harmonize vocabularies with SNOMED-CT.
    • Bernd referred to efforts already underway in this subject and we should not attempt a direct mapping. Instead, he suggested creating an intermediary artifact that could map to SNOMED.
• SOA and Security Ontology projects touch points:
  • Process
  • Tools
• Scope statement review
  • V3 Messages Infrastructure
  • Universal Realm
  • New Standard – project intent
  • Ballot Type: DSTU
  • Lead: Security
    • Interested Parties: CBCC, EHR, SOA, Vocabulary, MnM
    • Sponsoring Groups: Security, CBCC & SOA
  • Tools. Security and SOA WGs will work with HL7 to determine the best approach
    • IHTSDO – new tool for creation of ontologies
    • Protégé & OWL
  • The ontology project will:
    • Leverage existing HL7 information models (Security and Privacy) and vocabulary standards to create a new SAEAF ontology artifact. The group intends to produce a domain ontology bridging the health care IT Security and Privacy concept domains
    • Improve the information model by formally describing the attributes in the classes
    • Improve the speed and efficiency of policy enforcement algorithms
      • Knowing where concepts appear in an ontology and knowing their child concepts will help engines (and patients) in specifying policy rules and consent preferences
  • How does this ontology project help bridge the concepts of Security and Privacy to the clinical domain?
    • Ontologies are built on information models. We’re starting with the Security & Privacy IM
    • Relationship to the heath care objects that are described in the HL7 permission catalog objects which have been harmonized with the EHR-S in the last ballot, then…you have a collection of objects that are identified as a class in the Security/Privacy IM as well.
    • Those concepts may also occur in SNOMED-CT
    • As part of this effort, the intent is to create a bridging ontology that will allow the linkage of SNOMED concepts into the health care security and privacy ontologies being created by this project
    • This will not be balloted until sometime next year
  • Bernd added a section on “Ontology Driven Clinical Decision Support”
    • Ontologies along with other weighting factors about knowledge representation would be useful in decision support.
    • There are existing ontologies that Bernd proposes we look at – Basic Ontology Framework (BOF), Biomedical Ontology (BMO). (SOA work group is also looking at these)
• Timeline:
  • Anticipating sponsoring work group steering division approvals: Feb 2010
  • November 2010: submit final Informative content
  • January 2011: Informative Ballot
  • March 2011: submit final DSTU content
  • Effort will likely continue on beyond 2011
• Bill made a motion to approve the scope statement as amended during the meeting; seconded by Suzanne.
  • Vote: 13/0/0
  • Security and CBCC co-chairs to take scope statement to their respective steering divisions

Meeting formally adjourned at 2:17 PM EST, and moved to the CBCC WG Meeting