This wiki has undergone a migration to Confluence found Here
Difference between revisions of "HL7 FHIR Security 2016-10-04"
Jump to navigation
Jump to search
JohnMoehrke (talk | contribs) (Created page with "==Call Logistics== Weekly: '''Tuesday at 05:00 EST''' (2 PM PST) Conference Audio: '''770-657-9270,''' Access: '''845692'' '''Join online meeting: https://global.gotomeetin...") |
JohnMoehrke (talk | contribs) (→Agenda) |
||
Line 62: | Line 62: | ||
* Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join) | * Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join) | ||
**[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=6303 6303] Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None | **[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=6303 6303] Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None | ||
+ | |||
+ | ==FHIR Security Open Issues== | ||
+ | |||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=6303 6303] Add Record Lifecycle Events to AuditEventObjectLifecycle Set () | ||
+ | ** Action: Gary | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9042 9042] Add RBAC as value set for AuditEvent.participant.role () | ||
+ | ** Action: Kathleen | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9043 9043] Add ABAC as alternative value set for AuditEvent.participant.role () | ||
+ | ** Action: Kathleen | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9052 9052] Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role () | ||
+ | ** Action: Kathleen | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9564 9564] Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? () | ||
+ | ** Action: John | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9750 9750] Add Standard Extension to Domain Resource for Sourcing Acquired Data () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9996 9996] Using Provenance resource to annotate content derived from non-FHIR sources () | ||
+ | ** Action: Glen | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10184 10184] Linkage vs provenance () | ||
+ | ** Unclear | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10343 10343] Three additional Signature.type codes () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10408 10408] AuditEvent - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10409 10409] Provenance - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10465 10465] Change AuditEvent.purposeOfUse and AuditEvent.agent.purposeOfUse from Coding to CodeableConcept () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10579 10579] New Security and Privacy "Module" page needs content () | ||
+ | |||
+ | From September ballot | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9167 9167] AuditEvent needs to make more obvious how to record a break-glass event () | ||
+ | ** Action: John | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10382 10382] Provenance activity codes are insufficient/inappropriate () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10580 10580] How should test data be identified? () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10581 10581] something should be said about de-identification () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=11071 11071] Improve security label guidance - 2016-09 core #90 () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=11082 11082] Make proposed wording change - 2016-09 core #163 () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=11083 11083] OAuth is an authorization protocol, not an authentication protocol. Specify Oauth 2.0 to reduce ambiguity - 2016-09 core #164 () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=11084 11084] Typo - 2016-09 core #165 () | ||
+ | *[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=11141 11141] Specify agent organizational role - 2016-09 core #295 () | ||
==Minutes== | ==Minutes== |
Revision as of 14:13, 4 October 2016
Call Logistics
Weekly: Tuesday at 05:00 EST (2 PM PST)
Conference Audio: 770-657-9270,' Access: 845692 Join online meeting: https://global.gotomeeting.com/join/520841173 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
Back to HL7 FHIR security topics
Attendees
Member Name | Member Name | Member Name | ||||||
---|---|---|---|---|---|---|---|---|
x | John Moehrke Security Co-Chair | . | Kathleen Connor Security Co-Chair | x | Suzanne Gonzales-Webb CBCC Co-Chair | |||
. | Gary Dickinson EHR Co-Chair | . | Johnathan ColemanCBCC Co-Chair | . | Mike Davis | |||
. | Reed Gelzer RM-ES Lead | x | Glen Marshal | . | Galen Mulrooney | |||
. | Dave Silver | . | Rob Horn | . | Judy Fincher | |||
. | Diana Proud-Madruga | . | Beth Pumo | . | Oliver Lawless | |||
. | Bob Dieterle | . | Mario Hyland | x | Joe Lamy | |||
. | Rick Grow | . | [mailto: Richard Etterma] | . | [mailto: Wayne Kubic] |
Agenda
- Roll;
- approval of agenda
- approval of the August 30, 2016 minutes
- All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
- Update on action items
- 9564 -- assigned to John -- following the discussion in the CP
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? ()
- 9167 -- assigned to John, only creating an example AuditEvent -- following the discussion in the CP
- 9167 AuditEvent needs to make more obvious how to record a break-glass event ()
- 9042, 9043, 9052 -- assigned to Kathleen, she has the XML almost ready to go
- 9996 -- assigned to Glen -- following the discussion in the CP
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources ()
- https://chat.fhir.org/#narrow/stream/implementers/topic/Provenance.20resource.20for.20Middleware
- Discussion around Record Lifecycle events (6303)? Are we going to support this? Are the vocabulary done yet? (Gary will join)
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None
FHIR Security Open Issues
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set ()
- Action: Gary
- 9042 Add RBAC as value set for AuditEvent.participant.role ()
- Action: Kathleen
- 9043 Add ABAC as alternative value set for AuditEvent.participant.role ()
- Action: Kathleen
- 9052 Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role ()
- Action: Kathleen
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? ()
- Action: John
- 9750 Add Standard Extension to Domain Resource for Sourcing Acquired Data ()
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources ()
- Action: Glen
- 10184 Linkage vs provenance ()
- Unclear
- 10343 Three additional Signature.type codes ()
- 10408 AuditEvent - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter ()
- 10409 Provenance - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter ()
- 10465 Change AuditEvent.purposeOfUse and AuditEvent.agent.purposeOfUse from Coding to CodeableConcept ()
- 10579 New Security and Privacy "Module" page needs content ()
From September ballot
- 9167 AuditEvent needs to make more obvious how to record a break-glass event ()
- Action: John
- 10382 Provenance activity codes are insufficient/inappropriate ()
- 10580 How should test data be identified? ()
- 10581 something should be said about de-identification ()
- 11071 Improve security label guidance - 2016-09 core #90 ()
- 11082 Make proposed wording change - 2016-09 core #163 ()
- 11083 OAuth is an authorization protocol, not an authentication protocol. Specify Oauth 2.0 to reduce ambiguity - 2016-09 core #164 ()
- 11084 Typo - 2016-09 core #165 ()
- 11141 Specify agent organizational role - 2016-09 core #295 ()