This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

July 07, 2015 Security WG Conference Call

From HL7Wiki
Revision as of 14:25, 14 July 2015 by Rgrow (talk | contribs) (→‎Meeting Minutes)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Attendees

x Member Name x Member Name x Member Name
x Mike DavisSecurity Co-chair . Duane DeCouteau . Chris Clark
x John MoehrkeSecurity Co-chair Johnathan Coleman . Aaron Seib
x Alexander Mense Security Co-chair Ken Salyards x Christopher Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson . Tim McKay
x Kathleen Connor . Ioana Singureanu . Mohammed Jafari
x Suzanne Gonzales-Webb Darrell Woelk . Galen Mulrooney
x Diana Proud-Madruga Grahame Grieve x William Kinsley
x Rick Grow Chethan Makoahalli Lloyd McKenzie

Back to Security Main Page

Agenda DRAFT

  1. ( 5 min) Roll Call, Agenda Approval
  2. ( 5 min) Approve June 30, Meeting Minutes,
  3. ( 5 min) PASS Access Control Conceptual Model (SOA) - Diana, Don Jorgenson
    1. (10 min) Project Scope Statement - PASS Access Control - Mike/Diana (standing agenda item)
  4. (10 min) ACS model - Mike *deferred due to full agenda*
  5. (10 min) PSAF project - Update (tracking, standing agenda item)
  6. ( 5 min) Vocabulary Alignment Project update - Diana/Reed/Mike
  7. ( 5 min) Status of Provenance and AuditEvent subcommittee -- Kathleen/John
  8. ( 25 min) FHIR Security Discussion Items ready for a Vote
    1. 6048 Signature should allow device resources (Keith Boone) Persuasive
    2. 8039 2015May core #1364 - Update the provenance resource to support a digital signature that references the digital certificate resource (Robert Dieterle) Not Persuasive
    3. 7752 2015May core #1073 - Replace value set with FHIR Signer Type value set (Kathleen Connor) Not Persuasive
  9. ( 5 min) FHIR -- Items asking for Policy statements, where recommend that no specific Policy statement be given.
    1. 7572 2015May core #863 - Explain business-specific details of update (Ioana Singureanu) None
    2. 7683 2015May core #974 - Add security guidance for 'read' (Ioana Singureanu) None
    3. 7685 2015May core #976 - Add authorization qualifier to 'vread' (Ioana Singureanu) None
    4. 7686 2015May core #977 - Add authorization qualifier to 'update' (Ioana Singureanu) None
    5. 7687 2015May core #978 - Add authorization qualifier to 'history' (Ioana Singureanu) None
    6. 7688 2015May core #979 - Add authorization qualifier to 'delete' (Ioana Singureanu) None
    7. 8165 2015May core #975b - Add authorization qualifier to 'read' (Ioana Singureanu) None
  10. ( 5 min) October 2015 HL7 WGM - Atlanta, Georgia USA - agenda items
    1. Please send any agenda items to Suzanne

Meeting Minutes

Approval of June 30 meeting minutes (Suzanne/Mike)

Unanimous approval

PASS Access Control Services Conceptual Model (SOA) - Diana

  • Project Scope Statement for PASS Access Control passed (Mike/Diana)

MOTION: To approve PSS for PASS Access Control as presented in the previous hour at the CBCC meeting. Abstentions: 0, Objections: 0, Approval: 9

  • Updated project scope statement will be sent to the CBCC/Security WGs via listserve

Vocabulary Alignment - Diana

  • The EHR Interoperability WG meetings are on hiatus, resuming on July 14th per e-mail from Reed Gelzer
  • Kathleen proposed creating the value set and to use the data operations as part of the value set, and then use the terms that the EHR WG wants – with some good definitions – and have a value set from which you could choose or mix and match to describe the provenance events.
    • Kathleen added: "I think maybe we should just go ahead and start working on a Vocabulary Harmonization Proposal and bring in what we already have as data operations. We’ve got great definitions. We should align them and try to get the EHR WG to give us their definitions for their terms."
  • Mike said that "the EHR vocabulary is just unacceptable. It’s poorly crafted and poorly defined. It’s unusable. But Gary’s going ahead with making it an ISO standard."
  • John agreed with Kathleen that "the outcome of the Vocabulary Alignment project is likely input to the Provenance work."

Action Item - Suzanne to add PASS Access Control Services Conceptual Model and PSAF projects as Security WG standing agenda items


FHIR Security Discussion Items ready for a Vote

Tracker item ID 6048 6048 Signature should allow device resources (Keith Boone) Persuasive

MOTION to approve 6048: (Alex/Debbie)

Objections: 0, Abstentions: 0, Approval: 9


Tracker Item ID 8039 8039 2015May core #1364 - Update the provenance resource to support a digital signature that references the digital certificate resource (Robert Dieterle) Not Persuasive

Recommendation to vote as not persuasive (per JohnM)

MOTION to declare 8039 as not persuasive (Diana/Bill)

Objections: 0, Abstentions: 0, Approval: 9


Tracker Item ID 7752 7752 2015May core #1073 - Replace value set with FHIR Signer Type value set (Kathleen Connor) Not Persuasive (moved to FM - financial management)

VOTE: none taken


Meeting adjourned at 1301 PDT --Suzannegw (talk) 16:02, 7 July 2015 (EDT)