This wiki has undergone a migration to Confluence found Here
Difference between revisions of "HL7 WGM Sept 2017 - San Diego US MINUTES"
Jump to navigation
Jump to search
Line 82: | Line 82: | ||
==Wednesday Q1== | ==Wednesday Q1== | ||
− | ''' | + | '''Joint w/ EHR, CBCC, FHIR, SOA, Security''' |
− | + | See EHR Wiki for Minutes | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | *Agenda included indepth discussion about: | |
+ | |||
+ | **NIST SP 800-53/800-63 Impacts on current Security and CBCC WG standards | ||
+ | *** NIST SP 800-53/800-63 Impacts on current Security and CBCC WG standards | ||
+ | *** NIST 800-53 Rev 5 Review Security and Privacy Controls for Information Systems and Organizations Initial Public Draft | ||
+ | *** Understanding the Major Update to NIST SP 800-63: Digital Identity Guidelines | ||
+ | ** Study Group for Secondary use of HIoT data | ||
+ | ** Study Group for Minimum Necessary, Purpose of Use, and Healthcare Workflows | ||
==Wednesday Q2== | ==Wednesday Q2== |
Revision as of 20:06, 14 September 2017
Contents
MINUTES WGM San Diego 11th-14th September 2017
Tuesday Q1
Opening Security WG Meeting
Attendees:
- John Moehrke John.Moehrke@gmail.com
- Alexander Mense alexander.mense@hl7.at
- Kathleen Connor Kathleen.connor@comcast.net
- Mike Davis mike.davis@va.gov
- Chris Shawn christopher.shawn@va.gov
- David Pyke david.pyke@readycomputing.com
- Andreas Schuler andreas.schuler@fh-hagenberg.at
- Harri Honko harri.honk@w2e.fi
- Kevin Shekleton kshekleton@cerner.com
- Elysa Jones elysa@honeycombIQ.com
- Suzanne Webb suzanne.webb@bookzurman.com
Chaired by John
Tuesday Q2
Opening Security WG Meeting
Attendees:
- John Moehrke John.Moehrke@gmail.com
- Alexander Mense alexander.mense@hl7.at
- Kathleen Connor Kathleen.connor@comcast.net
- Mike Davis mike.davis@va.gov
- Chris Shawn christopher.shawn@va.gov
- David Pyke david.pyke@readycomputing.com
- Andreas Schuler andreas.schuler@fh-hagenberg.at
- Harri Honko harri.honk@w2e.fi
- Kevin Shekleton kshekleton@cerner.com
- Elysa Jones elysa@honeycombIQ.com
- Suzanne Webb suzanne.webb@bookzurman.com
Chaired by John
Tuesday Q3
Opening Security WG Meeting
Attendees:
- John Moehrke John.Moehrke@gmail.com
- Alexander Mense alexander.mense@hl7.at
- Kathleen Connor Kathleen.connor@comcast.net
- Mike Davis mike.davis@va.gov
- Chris Shawn christopher.shawn@va.gov
- David Pyke david.pyke@readycomputing.com
- Andreas Schuler andreas.schuler@fh-hagenberg.at
- Harri Honko harri.honk@w2e.fi
- Kevin Shekleton kshekleton@cerner.com
- Elysa Jones elysa@honeycombIQ.com
- Suzanne Webb suzanne.webb@bookzurman.com
Chaired by John
Tuesday Q4
Opening Security WG Meeting
Attendees:
- John Moehrke John.Moehrke@gmail.com
- Alexander Mense alexander.mense@hl7.at
- Kathleen Connor Kathleen.connor@comcast.net
- Mike Davis mike.davis@va.gov
- Chris Shawn christopher.shawn@va.gov
- David Pyke david.pyke@readycomputing.com
- Andreas Schuler andreas.schuler@fh-hagenberg.at
- Harri Honko harri.honk@w2e.fi
- Kevin Shekleton kshekleton@cerner.com
- Elysa Jones elysa@honeycombIQ.com
- Suzanne Webb suzanne.webb@bookzurman.com
Chaired by John
Wednesday Q1
Joint w/ EHR, CBCC, FHIR, SOA, Security
See EHR Wiki for Minutes
- Agenda included indepth discussion about:
**NIST SP 800-53/800-63 Impacts on current Security and CBCC WG standards *** NIST SP 800-53/800-63 Impacts on current Security and CBCC WG standards *** NIST 800-53 Rev 5 Review Security and Privacy Controls for Information Systems and Organizations Initial Public Draft *** Understanding the Major Update to NIST SP 800-63: Digital Identity Guidelines ** Study Group for Secondary use of HIoT data ** Study Group for Minimum Necessary, Purpose of Use, and Healthcare Workflows
Wednesday Q2
Joint with SOA
Refer to SOA Wiki for minutes
- Agenda Items - Report out on:
PASS Audit Ballot Spreadsheet PASS Audit Ballot January 2017 Future PASS standards moving to Security
Wednesday Q3
Security WG deep FHIR topics
Attendees:
Chaired by xxxx
- Josh assigned FHIR Core team
- SMART on FHIR
- CDS-hooks security model
- Cascading OAuth - Add overview to the FHIR Security page based on links @ HIMSS 2017 page
- Security endorsement of CORS??? what conditions? What considerations? What alternatives (See Keith Boone)
https://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=13827 GF#13827
- Discuss John Moehrke’s Blog FHIR OAuth scope proposal using FHIR query parameters
Wednesday Q4
Security WG Project Meeting
Attendees:
Chaired by xxxx
- 10 minute introduction to PSS on Context Synchronization (Isaac Vetter) here: https://drive.google.com/open?id=165BU5ZmUyuwxz4kg2dtjRWkNM7o4u2PrdcIKSxP94Ts
- PASS Audit Ballot Reconciliation
Focused on Bernd Blobel’s comment dispositions. PASS Audit Ballot Spreadsheet
- TF4FA Ballot Reconciliation
Focused on Bernd Blobel’s comment dispositions. PASS Audit Ballot Spreadsheet PASS Audit Ballot January 2017 PASS Audit Ballot January 2017 Continue TF4FA Reconciliation November Harmonization Proposals
Thursday Q1
Security hosting CBCC, FHIR-I Joint on FHIR App Verification and FHIR Consent Resource
Attendees:
- Kathleen Connor VA kathleen.connor@comcast.net
- Neelima Chennemeja SAMHSA needlimaj70@gmail.com
- Mark Scrimshire mark@ckinemark.com
- David Pyke Ready Computing David Pyke@readycomputing.com
- John Moehrke John Moehrke@gmail.com
- Alexander Mense HL7 Austria alexandre.mense@hl7.at
- Andreas Schriler Andreas.Schriler@fh.ha…. (?)
- Reinhard Egelkraut reinhard.egelkraut@cgm.com
- Suzanne Gonzales-Webb VA suzanne.webb@bookzurman.com
- Trish Williams HL7 Australia/Flinders University patricia.williams@flinders.edu.au
- Anthony Chiarelli Achiarelli@r1solutions.com
- Chris Shawn VA Christopher.Shawn2@va.gov
- Michael Clifton mclifton@epic.com
- Isaac Vetter isaac@epic.com
- Dennis Patterson dennis.patterson@cerner.com
- Michael.Donnelly Michael.Donnelly@epic.com
- Hideyuki Miyohara HL7 Japan Miyohara.Hideyuki@ap.MitsubishiElectric.co
- Reuben Daniels reuben@saludex.com
- Tessa van Stijh NICTIZ stijh@nictiz.nl
- Martin Entwistle Ares Health Systems ment@areshs.com
- Mike Davis Mike.Davis@va.gov
- Joe Lamy Aegis/SSA joe.lamy@aegis.net
- Corey Spears Infer Corey.spears@info.com (?)
- Sean McIvenna Lantana sean@lantanagroup.com
Chaired by John
- vote on PSS on Context Synchronization (Isaac Vetter) here: https://drive.google.com/open?id=165BU5ZmUyuwxz4kg2dtjRWkNM7o4u2PrdcIKSxP94Ts
POET demonstration of a FHIR App Verification - Mark Scrimshire TENTATIVE: FHIR Consent Profile - Discussion (CBCC-Security) see Wiki:
- HL7 FHIR Consent Directive Project
- FHIR Consent Resource
Thursday Q2
General Meeting: SecWG Project Health and Administration
Attendees:
- John Moehrke John.Moehrke@gmail.com
- Alexander Mense alexander.mense@hl7.at
- Trish Williams patricia.williams@flinders.edu.au
- Hideyuki Miyohara Miyohara.Hideyuki@ap.MitsubishiElectric.co
WG Health
- Two items listed as over 120 days:
- Motion to extend the 1209 PSS with the FHIR rel 4 milestones with a new deadline of Dec 2018 subject to FHIR deadlines. Extend project end date Jan2019, next milestone is Jan 2018. Proposed by JM, Second AM, 3/0/0. We agreed this week that some tasks groups look at security configuration guidance, rather than turn-on-cause – and this would be in the project scope, Task group on application registration (from Q1) would also be under the same project 1209
- DAM milestone – need to ask Kathleen
- Updated to 3 yr plan – addition co-sponsor to Smart-On-FHIR Project Insight 1341; added SLS Version 2; and removed completed projects. Motion to accept the new 3 yr plan Proposed John, Seconded ALEX 3/0/0
- Uploaded DMP and updated 3-year plan to SecWG Homepage onHL7.org site
- Security Labelling Service – another type of service called The Legitimate Relationship Service was tried in the UK. ADT feed but was hindered by workflow incompatibility. As a workgroup we could socialise this as a potential service for privacy consent problems.
Chaired by Trish