This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "July 12, 2016 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
Line 79: Line 79:
 
==Minutes==
 
==Minutes==
 
* Chaired by John
 
* Chaired by John
* Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzane)  
+
* Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzanne)  
 
* Update on the PSAF Security Policy model - Mike, Dave
 
* Update on the PSAF Security Policy model - Mike, Dave
 
- Presentation was shared during the call:  
 
- Presentation was shared during the call:  
Line 125: Line 125:
 
- No one can change the record without all the approval of all stakeholders
 
- No one can change the record without all the approval of all stakeholders
 
* John's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain.
 
* John's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain.
 +
- John has a White paper on the topic of Blockchain and included link in the chat, Kathleen will link it to the Trust link
 +
 +
Approvals:
 +
 +
* John: we received confirmation we are to approve cochairs for FTFP of Paul Map (John, and Kathleen approved)
 +
*  Kathleen:  Mike and Dave have been updating the policy driven architecture on Domain Analysis.  a paper by Sunday on PSAF
 +
- I submitted the PSAF document to on Sunday for September Ballot, waiting on confirmation
 +
- (Kathleen and Mike Approved)

Revision as of 17:56, 19 July 2016

Back to Security Work Group Main Page

Attendees

x Member Name x Member Name x Member Name
Kathleen ConnorSecurity Co-chair . Duane DeCouteau . Chris Clark
X John MoehrkeSecurity Co-chair . Johnathan Coleman . Aaron Seib
. Alexander Mense Security Co-chair . Ken Salyards . Christopher D Brown TX
. Trish WilliamsSecurity Co-chair . Gary Dickinson . Dave Silver
x Mike Davis . Ioana Singureanu X Mohammed Jafari
x Suzanne Gonzales-Webb x Rob Horn . Galen Mulrooney
x Diana Proud-Madruga . Ken Rubin . William Kinsley
. Rick Grow . Paul Knapp . Mayada Abdulmannan
x Glen Marshall, SRS . Bill Kleinebecker . Christopher Shawn
. Oliver Lawless x Grahame Grieve . Serafina Versaggi
. Beth Pumo . Russell McDonell . Paul Petronelli , Mobile Health
. Christopher Doss . Kamalini Vaidya . [mailto: TBD ]

Back to Security Main Page

Agenda DRAFT

  1. (2 min) Roll Call, Agenda Approval
  2. (3 min) Approve Security WG June 28, 2016 Minutes
  3. (10 min) Update on the PSAF Security Policy model - Mike
  4. (5 min) Standards Privacy Impact Assessment Cookbook - Rick
  5. (5 min) PASS Access Control Services Conceptual Model - Diana
  6. (5 min) PASS Audit Conceptual Model – Diana
  7. (10 min) HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
  8. (2 min) Action Items, next call agenda, adjournment

Note that there will be a FHIR Security call at 5pm ET See agenda at FHIR Security Agenda

Minutes

  • Chaired by John
  • Approve Security WG June 28, 2016 Minutes (Approved: Mike, Suzanne)
  • Update on the PSAF Security Policy model - Mike, Dave

- Presentation was shared during the call: - Dave Sliver, Chris Shawn, and Mike Davis continued work on PSAF - Main Level includes Privacy Security material beginning with High level Trust Framework Policy - This Expand trust framework introducing trust policies, level assurance, trust certificates, and remainder modeling -Input Policies are dependent on Harmonization policy -Trust Framework would establish the elements of Trust supported by the contract - Could have two or more Domain names, each domain would have its own set of policies - Through Trust Framework there is a harmonization between each Domain -

  • Standards Privacy Impact Assessment Cookbook - Rick

- The PSS was approved the TFC - Updating document Ballot based on comments from SW and CBCC - Document will be send out to both groups to review and comment and send back by Thursday COB - New comments will be incorporated to send out by Sunday Deadline to HL7

  • PASS Access Control Services Conceptual Model - Diana

- Completed all updates - reviewing doc - Expect to complete at the end of the week, will send out for final review to group - Obtain final confirmation from Barrett to withdraw negative vote -seeking to seeking publication by the end of July

  • PASS Audit Conceptual Model – Diana

- We have meetings on Wednesdays - Sent out Meeting invite to SOA, CBCC, and Security list serve - Set up a wiki site and in process of loading supporting docs in wiki and Gforge - Ken Ruben (SOA) sent out email to cochairs on cloud Survey

  • HL7 Trust wiki Blockchain updates and new Kantara Blockchain & Smart Contracts Discussion Group, which meets 2 times a week for .5 hour to develop Blockchain, Smart Contracts, and Ledger Technologies use cases and briefing paper recommending next steps. call information
  • Kathleen/Blockchain:

- We've been following different Trust Framework - We have a Wiki page with the list of Trust Framework and efforts on Blockchain - ONC sent out a challenge/White Paper for Blockchain with implications on Health - New Kantara looking at usecases related to Health and Trust - New effort on patience owning data control - Smart contracts to enable health care consumers negotiating consent with providers and none covered entities - Canada has a group that developed tools for Canadians to obtain info from different entities based - Monitoring these efforts and emerging approach to Trust and Provenance and Health information on validation and access - David: If you not a U.S. Federal Agency , you can still register a paper on Blockchain through the ONC announcement

  • Mike Davis Comments: It is a Providence approach, and would like to see how FHIR would be factored in the approach.

- It is not like a digital signature, but rather verifying the info is correct and all the parties involved in the chain can verify he info is correct. - All Participants are responsible in the sharing of Data integrity - No one can change the record without all the approval of all stakeholders

  • John's Comments: Once a Block chain has been signed, it would prevent any change in the Blockchain, much like digital signature. It is a public measure by the set of peers, who would explain what their signature means or what they agree or not agree with in the chain.

- John has a White paper on the topic of Blockchain and included link in the chat, Kathleen will link it to the Trust link

Approvals:

  • John: we received confirmation we are to approve cochairs for FTFP of Paul Map (John, and Kathleen approved)
  • Kathleen: Mike and Dave have been updating the policy driven architecture on Domain Analysis. a paper by Sunday on PSAF

- I submitted the PSAF document to on Sunday for September Ballot, waiting on confirmation - (Kathleen and Mike Approved)