HL7 FHIR Security 2016-10-18
Weekly: Tuesday at 05:00 EST (2 PM PST)
Conference Audio: 770-657-9270,' Access: 845692 Join online meeting: https://global.gotomeeting.com/join/520841173 Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes
|Member Name||Member Name||Member Name|
|x||John Moehrke Security Co-Chair||x||Kathleen Connor Security Co-Chair||x||Suzanne Gonzales-Webb CBCC Co-Chair|
|.||Gary Dickinson EHR Co-Chair||.||Johnathan ColemanCBCC Co-Chair||x||Mike Davis|
|.||Reed Gelzer RM-ES Lead||x||Glen Marshal||.||Galen Mulrooney|
|.||Dave Silver||x||Rob Horn||x||Judy Fincher|
|.||Diana Proud-Madruga||.||Beth Pumo||.||Oliver Lawless|
|.||Bob Dieterle||.||Mario Hyland||x||Joe Lamy|
|.||Rick Grow||.||[mailto: Richard Etterma]||.||[mailto: Wayne Kubic]|
- approval of agenda
- approval of the HL7 FHIR Security 2016-10-04 Minutes
- All security open http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemBrowse&tracker_id=677&tracker_query_id=4967
- September Ballot items must address by November 20 -- see http://wiki.hl7.org/index.php?title=FHIR_Ballot_Prep
- Discuss Items ready for Vote -- Start a week long block vote
- Discuss Action items
- New business?
FHIR Security ready for block vote
I believe these are ready for a block vote. Recommend a block vote be started.
- 9564 Should FHIR AuditEvent resource include DICOM extension of ATNA Audit log message ? (Madhusudana B Shivalinge Gowda) Persuasive with Mod
- 9750 Add Standard Extension to Domain Resource for Sourcing Acquired Data (Peter Bernhardt) Not Persuasive
- 10343 Three additional Signature.type codes (Kathleen Connor) None
- 10184 Linkage vs provenance (Brian Postlethwate) Not Persuasive
- 11084 Typo - 2016-09 core #165 (Andrew Gregorowicz) Not Persuasive with Mod
- 10408 AuditEvent - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter (Gary Dickinson) Persuasive
- 10409 Provenance - Add ISO/HL7 10781 (EHR-S FM) and ISO 21089 (Trusted End-to-End) to Front Matter (Gary Dickinson) Persuasive
- 10465 Change AuditEvent.purposeOfUse and AuditEvent.agent.purposeOfUse from Coding to CodeableConcept (Marten Smits) Persuasive
- 11082 Make proposed wording change - 2016-09 core #163 (Andrew Gregorowicz) Persuasive
- 11083 OAuth is an authorization protocol, not an authentication protocol. Specify Oauth 2.0 to reduce ambiguity - 2016-09 core #164 (Andrew Gregorowicz) Persuasive
- 11141 Specify agent organizational role - 2016-09 core #295 (Perry Mar) Persuasive with Mod
- Actor Type valueset
- 9042 Add RBAC as value set for AuditEvent.participant.role (Kathleen Connor) None
- 9043 Add ABAC as alternative value set for AuditEvent.participant.role (Kathleen Connor) None
- 9052 Add SNOMED Stuctural Roles as value set for AuditEvent.participant.role (Kathleen Connor) None
- 10382 Provenance activity codes are insufficient/inappropriate (Lloyd McKenzie) None
- 11071 Improve security label guidance - 2016-09 core #90 (Kathleen Connor) None
- 9167 AuditEvent needs to make more obvious how to record a break-glass event (John Moehrke) None
- 10580 How should test data be identified? (John Moehrke) None
- 10581 something should be said about de-identification (John Moehrke) None
- 10579 New Security and Privacy "Module" page needs content (John Moehrke) None
- 9996 Using Provenance resource to annotate content derived from non-FHIR sources (Simone Heckmann) None
- 6303 Add Record Lifecycle Events to AuditEventObjectLifecycle Set (Gary Dickinson) None
- Actor Type Value Set with resolution to 9042, 9043, and 9052:
<description value="This example FHIR value set is comprised of example Actor Type codes, which can be used to value FHIR agents, actors, and other role elements.
- The FHIR Actor value set is based on ASTM Standard, E1762-95 ; selected codes and derived actor roles from HL7 RoleClass OID 2.16.840.1.113883.5.110; HL7 Role Code 2.16.840.1.113883.5.111, including AgentRoleType; HL7 ParticipationType OID: 2.16.840.1.113883.5.90; and HL7 ParticipationFunction codes OID: 2.16.840.1.113883.5.88.
- This value set includes, by reference, role codes from external code systems: NUCC Health Care Provider Taxonomy OID: 2.16.840.1.113883.6.101; North American Industry Classification System [NAICS]OID: 2.16.840.1.113883.6.85; IndustryClassificationSystem 2.16.840.1.1138126.96.36.19939; and US Census Occupation Code OID: 2.16.840.1.113883.6.243 for relevant recipient or custodian codes not included in this value set. If no source is indicated in the definition comments, then these are example FHIR codes.
- It can be extended with appropriate roles described by SNOMED as well as those described in the HL7 Role Based Access Control Catalog and the HL7 Healthcare (Security and Privacy) Access Control Catalog.
- In Role-Based Access Control (RBAC), permissions are operations on an object that a user wishes to access. Permissions are grouped into roles. A role characterizes the functions a user is allowed to perform. Roles are assigned to users. If the user’s role has the appropriate permissions to access an object, then that user is granted access to the object. FHIR readily enables RBAC, as FHIR Resources are object types and the CRUDE events (the FHIR equivalent to permissions in the RBAC scheme) are operations on those objects.
- In Attribute-Based Access Control (ABAC), a user requests to perform operations on objects. That user's access request is granted or denied based on a set of access control policies that are specified in terms of attributes and conditions. FHIR readily enables ABAC, as instances of a Resource in FHIR (again, Resources are object types) can have attributes associated with them. These attributes include security tags, environment conditions, and a host of user and object characteristics, which are the same attributes as those used in ABAC. Attributes help define the access control policies that determine the operations a user may perform on a Resource (in FHIR) or object (in ABAC). For example, a tag (or attribute) may specify that the identified Resource (object) is not to be further disclosed without explicit consent from the patient."/>