Difference between revisions of "HL7 Security Document Library"

Back to Security Main Page

Security Documents 2012

• HL7 Privacy and Security Vocabulary
• HL7 Security and Privacy Requirements for CDA R3
• HL7 Security and Privacy Vocabulary Value Set OIDs and Descriptions
• HL7 Security SOA Architecture Project Scope Statement

July 2012 Harmonization Proposals

• HL7 Harmonization Proposal July 2012 Security WG Purpose of Use
• HL7 Harmonization Proposal July 2012 Security WG Confidentiality Code Technical Corrections
• HL7 Harmonization Proposal July 2012 Security WG ActSensitivityPrivacyPolicyType Technical Correction

Security Ballot Material 2012

• HL7 Healthcare Privacy and Security Classification System White Paper. This paper describes a Healthcare Privacy and Security Classification System (HCS) suitable for automated privacy and security labels “tagging” and segmentation of protected health information (PHI) for privacy policy enforcement through security logical access controls.

Security Presentation 2012

• Arnie Rosenthal's comments on Healthcare Privacy and Security Classification System Presentation by Kathleen Connor
• HL7 Security WG July Harmonization Proposals
• Act.confidentialityCode “isDocumentCharacteristic”=true
• Proposed Health Care Security and Privacy Classification System BallotPresentation
• HL7 Security Service Oriented Architecture Domain Analysis Model (SSOA DAM)
• Purpose of Use Harmonization

VA Security Brown Bag Presentations May 24, 2012

• Infoway Privacy by Design and Pan-Canadian Federated Identity Presented by: Stan Ratajczak, Group Director Emerging Technologies Group, Canada Health Infoway
• Presentation on a prototypic implementation of a Healthcare Classification System for Data Segmentation by Duane Decouteau Senior Software Engineer VA (ESC)
• HL7 Privacy and Security Vocabulary for Healthcare Classification by Kathleen Connor
• May 24 VA Security Brown Bag recording
• Information on Software to play May 24 VA Security Brown Bag recording

Security Documents 2011 and Earlier

• HL7 v2 Confidentiality Codes and v3 Harmonization
• Final Refactored Confidentiality Codes Harmonization Proposal
• Final Act Policy Type Harmonization Proposal
• HL7 Publication Request for the Security and Privacy DAM DSTU
• Composite Security and Privacy Domain Analysis Model v1_r2 (post 2010May ballot reconciliation)
• Decision Making Practices (TBD)
• Requirement Analysis
  • Security Use Cases
  • Role-Based Access Control (RBAC) Use Cases
  • Security Glossary HL7 2008(c), Version 3 Std
• Documents on HL7 Project Homebase aka HL7 GForge
  • Role Based Access Control (RBAC) Role Engineering Overview, N1 Sept 2009 HL7 baltot site
  • HL7 RBAC Permission Catalog
  • HL7 RBAC Constraint Catalog
  • HL7 RBAC Role Engineering Process (supporting data)
  • HL7 RBAC Permission Catalog mapping to SNOMED CT (initial)
  • HL7 RBAC Permission Catalog mapping to SNOMED CT II
  • A Scenario driven Role Engineering Process for Functional RBAC Roles (RBAC Reference) G. Neumann and M. Strembeck A Scenario-driven Role Engineering Process for Functional RBAC Roles, proc. of the 7th ACM Symposium on Access Control Models and Technologies, pp 33-42, 2002

• Cookbook for Security Considerations-Instructions for HL7 standards editors and workgroups
• HL7 Document on OIDS from May 2009 ballot
• Draft Security DAM Diagram
• Security DAM use cases and their representation in the class diagram
• DRAFT Security DAM Value Sets - US Realm 12/01/2009

Approved Projects

• Security and Privacy Ontology Project Wiki
• RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc joint with Community-Based Collaborative Care
  • Project Insight - Project Plan
• CDA R2 Implementation Guide for Privacy Consent Directives May 2010 joint with Community-Based Collaborative Care

Back to Security Main Page