This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "July 25, 2017 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
(4 intermediate revisions by 2 users not shown)
Line 6: Line 6:
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member Name'''  
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member Name'''  
 
|-
 
|-
||  .|| [mailto:JohnMoerke@gmail.com John Moehrke]Security Co-chair
+
||  x|| [mailto:JohnMoerke@gmail.com John Moehrke]Security Co-chair
 
||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair  
 
||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor]Security Co-chair  
 
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
Line 12: Line 12:
 
|-
 
|-
 
||  x|| [mailto:mike.davis@va.gov Mike Davis]
 
||  x|| [mailto:mike.davis@va.gov Mike Davis]
||||x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
+
||||.|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]
 
||||x|| [mailto:drs@securityrs.com David Staggs]
 
||||x|| [mailto:drs@securityrs.com David Staggs]
||||x|| [mailto:mjafari@edmondsci.com Mohammed Jafari]
+
||||.|| [mailto:mjafari@edmondsci.com Mohammed Jafari]
 
|-
 
|-
||  x|| [mailto:gfm@securityrs.com Glen Marshall], SRS
+
||  .|| [mailto:gfm@securityrs.com Glen Marshall], SRS
||||x|| [mailto:Beth.Pumo@kp.org Beth Pumo]
+
||||.|| [mailto:Beth.Pumo@kp.org Beth Pumo]
 
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
 
||||.|| [mailto:ioana.singureanu@gmail.com Ioana Singureanu]
 
||||.|| [mailto:robert.horn@agfa.com Rob Horn]  
 
||||.|| [mailto:robert.horn@agfa.com Rob Horn]  
Line 23: Line 23:
 
||  x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
 
||  x|| [mailto:Diana.Proud-Madruga@engilitycorp.com Diana Proud-Madruga]
 
||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ]
 
||||.|| [mailto:serafina.versaggi@gmail.com Serafina Versaggi ]
||||x|| [mailto:joe.lamy@aegis.net Joe Lamy]
+
||||.|| [mailto:joe.lamy@aegis.net Joe Lamy]
 
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
 
||||.|| [mailto:Galen.Mulrooney@JPSys.com Galen Mulrooney]
 
|-
 
|-
Line 36: Line 36:
 
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver]
 
|-
 
|-
||  x|| [mailto:rgrow@technatomy.com Rick Grow]
+
||  .|| [mailto:rgrow@technatomy.com Rick Grow]
 
||||.|| [mailto:bkinsley@nextgen.com William Kinsley]
 
||||.|| [mailto:bkinsley@nextgen.com William Kinsley]
 
||||.|| [mailto:pknapp@pknapp.com Paul Knapp]   
 
||||.|| [mailto:pknapp@pknapp.com Paul Knapp]   
Line 53: Line 53:
 
|}
 
|}
 
[[Security|Back to Security Main Page]]
 
[[Security|Back to Security Main Page]]
 +
 
=='''Agenda'''==
 
=='''Agenda'''==
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
 
#''(2 min)'' '''Roll Call, Agenda Approval'''  
Line 61: Line 62:
 
#''(5 min)'' '''Review News and Reminders not previously discussed.''' - Kathleen to give quick overview of NCVHS Minimum Necessary Hearing and Recommendations, and potential relation to the ONC 21st Century Cures Act Trusted Exchange and Common Agreement so that interested workgroup members have background for further discussions in upcoming calls.  
 
#''(5 min)'' '''Review News and Reminders not previously discussed.''' - Kathleen to give quick overview of NCVHS Minimum Necessary Hearing and Recommendations, and potential relation to the ONC 21st Century Cures Act Trusted Exchange and Common Agreement so that interested workgroup members have background for further discussions in upcoming calls.  
 
#''(5 min)'' '''FHIR Security call scheduled''' - John Moehrke to provide details.
 
#''(5 min)'' '''FHIR Security call scheduled''' - John Moehrke to provide details.
 +
 +
 +
=='''Minutes'''==
 +
# John chaired
 +
#''(2 min)'' '''Roll Call, Agenda Approval''' -- Kathleen Connor/Diana: 7-0-0
 +
#''(4 min)'' ''' Review and Approval of [http://wiki.hl7.org/index.php?title=July_18,_2017_Security_Conference_Call Security WG Call Minutes July 18, 2017]''' --> Kathleen Connor/Mike Davis: 7-0-0
 +
#''(5 min)'' '''Need for one cochair to vote for FTSD cochair.  Russ Hamm is the only candidate. Request approval to cast a vote for Russ.  Deadline is July 30th.''' --> Kathleen Connor/Chris Shawn: 7-0-0
 +
#* Kathleen will convey Security WG vote to FTSD
 +
#''(30 min)'' '''Review [http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20Project%20Documents/Break%20Glass%20Emergency%20Access/HL7%20Break%20the%20Glass%20V3%200724%202017%20V2.docx Draft update to HL7 Break the Glass White Paper] - Mike Davis to lead review.  John Moehrke to lead on comments. Kathleen to discuss current vocabulary support and potential need for additiona. Looking for WG decision on next steps, e.g., publish as a Security WG document and add to FHIR Security discussions.  BTG Overview: This document updates previous HL7 information papers on the subject of Emergency Access.  It consolidates key ideas and suggests implementation strategies that are workable under a variety of emergency access use cases.
 +
#* John Comments - I reviewed your document. I think we need to get a bit more formal document structure as we go forward. This informal flow might have been good originally, but we should improve it. The document I reviewed (comments attached) needs to be more clean on how it defines the Problem (without specifying solution), the Abstract solution (without specific technologies), and then 'some' implementation experience with technical solutions. I say this because right away there is too much definition of concepts that is conflated with a solution choice. The problem statement should be only about "WHAT" is needed, it should not be about "HOW" that is achieved. This is important as there are many policy, technical, and procedural solutions to any one problem. In my view the most important purpose of this document is clearly define the concept of Break-the-Glass, less important is to define a single solution.
 +
#* I think we need to disambiguate this most of all. 1) Emergency Department access by those assigned to the Emergency Department (aka Emergency Room). 2) Regional Disaster – Where some man-made or natural disaster in a defined region has caused sub-optimal medical operations. 3) Professional opinion that life-or-limb is threatened. This professional opinion is a privilege, not necessarily given to all ‘users’.
 +
#* Note that most people I speak to are only using BTG with #3. They understand the other two are NOT uses of Break-the-Glass.
 +
#* I kind of like your more broad definition of BTG, such that it is any reason for a UI that warns the user about potential issue, but with appropriate confirmation from the user allows a request to continue.  You do seem to make clear that the general concept of BTG is not specifically medical, but a general concept of warning the user and allowing them to make an informed decision to continue. Where one use of this is for professional life-or-limb opinion overrides...
 +
#* Lastly, your distinction about Emergency Room access seems very wrong to me. Those that are scheduled to work in the Emergency Room are working under a Functional-Role; their purposeOfUse is Treatment... This is even true with those that are 'on call' and 'called' to help out during high loads. We should not conflate Functional-Role with PurposeOfUse.
 +
#* Should re-structure to be more clean: Problem Statement (WHAT), abstract solution (HOW), and examples of specific solutions (Document Sharing Federations - CareQuality, FHIR REST, etc?)
 +
# agenda add by Mike Davis -- Anonymization
 +
#* Given papers like Paul Ohm - Broken Promises of Privacy: esponding to th Surprising Failure of Anonymization -- http://www.uclalawreview.org/pdf/57-6-3.pdf -- 2010
 +
#* Because of big data and IoT, the possibility of aggregating enough non-sensitive data that you end up being able to extrapolate information that could be considered sensitive increases exponentially. - Diana
 +
#* Mike concerned that the new IoT and Big Data is undermining privacy
 +
#''(10 min)'' '''Kick Off Prep for September San Diego WGM''' - Kathleen. Check on attendance plans and featured session topics.
 +
#''(5 min)'' '''Review News and Reminders not previously discussed.''' - Kathleen to give quick overview of NCVHS Minimum Necessary Hearing and Recommendations, and potential relation to the ONC 21st Century Cures Act Trusted Exchange and Common Agreement so that interested workgroup members have background for further discussions in upcoming calls.
 +
#* Trust frameworks were discussed in principle but not specifics
 +
#''(5 min)'' '''FHIR Security call scheduled''' - John Moehrke to provide details.
 +
#* Yes we will meet
  
 
==News and Review Material==
 
==News and Review Material==
 
Discussion about [http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20Vocabulary/EHR%20Verbs/EHR.TSC.Vol18.rev.pdf Diagnosing and Treating Legal Ailments of the Electronic Health Record: Toward an Efficient and Trustworthy Process for Information Discovery and Release]''' Potential for renewing EHR/Security work on Lifecycle Vocabulary with Reed Gelzer moved to [http://wiki.hl7.org/index.php?title=August_1,_2017_Security_Conference_Call#Agenda August 1st call].
 
Discussion about [http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20Vocabulary/EHR%20Verbs/EHR.TSC.Vol18.rev.pdf Diagnosing and Treating Legal Ailments of the Electronic Health Record: Toward an Efficient and Trustworthy Process for Information Discovery and Release]''' Potential for renewing EHR/Security work on Lifecycle Vocabulary with Reed Gelzer moved to [http://wiki.hl7.org/index.php?title=August_1,_2017_Security_Conference_Call#Agenda August 1st call].
*Need to vote for FTSD cochair.  Russ Hamm is the only candidate.   
+
*Need to vote for FTSD cochair.  Russ Hamm is the only candidate.  
*Break the Glass related HL7 vocabulary: [http://gforge.hl7.org/gf/project/security/docman/Harmonization/July%202017%20Harmonization/Stds_20170711_FWK_TO6.1.4_Compartment_Vocabulary_Update.doc Compartment] amd [http://gforge.hl7.org/gf/project/security/docman/Harmonization/July%202017%20Harmonization/Stds_20170711_FWK_TO6.1.4_Incompetency_Override_Vocabulary_Update.doc Consent Override].  Likely need non-consent related override codes as act reasons. Likely need an additional AuditEvent element for action reason as no current ones seem suitable.
+
*John Moehrke's Break the Glass (BTG) Blogs: [https://healthcaresecprivacy.blogspot.com/2015/12/break-glass-on-fhir.html BTG Concept] and [https://healthcaresecprivacy.blogspot.com/2015/12/break-glass-on-fhir-solution.html BTG Solutions] The second article questions the BTG solution on the FHIR Security page, which is one of the reasons the Security WG is re-examining BTG.  The article suggests that experimentation needs to be done.  Might be good Connectathon Track for Security WG to take the lead on.
 +
*Break the Glass related HL7 vocabulary: [http://gforge.hl7.org/gf/project/security/docman/Harmonization/July%202017%20Harmonization/Stds_20170711_FWK_TO6.1.4_Compartment_Vocabulary_Update.doc Compartment] amd [http://gforge.hl7.org/gf/project/security/docman/Harmonization/July%202017%20Harmonization/Stds_20170711_FWK_TO6.1.4_Incompetency_Override_Vocabulary_Update.doc Consent Override].  Likely need non-consent related override codes as act reasons. Likely need an additional [http://build.fhir.org/auditevent.html AuditEvent] element for action reason to explain an [http://build.fhir.org/auditevent-definitions.html#AuditEvent.agent.purposeOfUse AuditEvent.purposeOfUse] as no current ones seem suitable.
 
*NCVHS Publications of Interest
 
*NCVHS Publications of Interest
 
**[https://www.ncvhs.hhs.gov/wp-content/uploads/2017/03/Framework-White-Paper-v9-2017-03-21.pdf NCVHS Health Data Framework The NCVHS Health Data Framework The NCVHS Health Data Framework March 21, 2016] NCVHS drafted two resources, a Data Structure and Methods Taxonomy to seed development of the Health Data Framework. These drafts offer a systematic approach to thinking, talking, and acting with respect to data. These resources also propose metadata to tag datasets to support re-use.
 
**[https://www.ncvhs.hhs.gov/wp-content/uploads/2017/03/Framework-White-Paper-v9-2017-03-21.pdf NCVHS Health Data Framework The NCVHS Health Data Framework The NCVHS Health Data Framework March 21, 2016] NCVHS drafted two resources, a Data Structure and Methods Taxonomy to seed development of the Health Data Framework. These drafts offer a systematic approach to thinking, talking, and acting with respect to data. These resources also propose metadata to tag datasets to support re-use.

Latest revision as of 20:00, 25 July 2017

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
x John MoehrkeSecurity Co-chair x Kathleen ConnorSecurity Co-chair . Alexander Mense Security Co-chair . Trish WilliamsSecurity Co-chair
x Mike Davis . Suzanne Gonzales-Webb x David Staggs . Mohammed Jafari
. Glen Marshall, SRS . Beth Pumo . Ioana Singureanu . Rob Horn
x Diana Proud-Madruga . Serafina Versaggi . Joe Lamy . Galen Mulrooney
. Duane DeCouteau . Chris Clark . Johnathan Coleman . Aaron Seib
. Ken Salyards . Christopher D Brown TX . Gary Dickinson x Dave Silver
. Rick Grow . William Kinsley . Paul Knapp x Mayada Abdulmannan
. Kamalini Vaidya . Bill Kleinebecker x Christopher Shawn . Grahame Grieve
. Oliver Lawless . Ken Rubin . David Tao . Nathan Botts

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (4 min) Review and Approval of Security WG Call Minutes July 18, 2017
  3. (5 min) Need for one cochair to vote for FTSD cochair. Russ Hamm is the only candidate. Request approval to cast a vote for Russ. Deadline is July 30th. - Kathleen
  4. (30 min) Review Draft update to HL7 Break the Glass White Paper - Mike Davis to lead review. John Moehrke to lead on comments. Kathleen to discuss current vocabulary support and potential need for additiona. Looking for WG decision on next steps, e.g., publish as a Security WG document and add to FHIR Security discussions. BTG Overview: This document updates previous HL7 information papers on the subject of Emergency Access. It consolidates key ideas and suggests implementation strategies that are workable under a variety of emergency access use cases.
  5. (10 min) Kick Off Prep for September San Diego WGM - Kathleen. Check on attendance plans and featured session topics.
  6. (5 min) Review News and Reminders not previously discussed. - Kathleen to give quick overview of NCVHS Minimum Necessary Hearing and Recommendations, and potential relation to the ONC 21st Century Cures Act Trusted Exchange and Common Agreement so that interested workgroup members have background for further discussions in upcoming calls.
  7. (5 min) FHIR Security call scheduled - John Moehrke to provide details.


Minutes

  1. John chaired
  2. (2 min) Roll Call, Agenda Approval -- Kathleen Connor/Diana: 7-0-0
  3. (4 min) Review and Approval of Security WG Call Minutes July 18, 2017 --> Kathleen Connor/Mike Davis: 7-0-0
  4. (5 min) Need for one cochair to vote for FTSD cochair. Russ Hamm is the only candidate. Request approval to cast a vote for Russ. Deadline is July 30th. --> Kathleen Connor/Chris Shawn: 7-0-0
    • Kathleen will convey Security WG vote to FTSD
  5. (30 min) Review Draft update to HL7 Break the Glass White Paper - Mike Davis to lead review. John Moehrke to lead on comments. Kathleen to discuss current vocabulary support and potential need for additiona. Looking for WG decision on next steps, e.g., publish as a Security WG document and add to FHIR Security discussions. BTG Overview: This document updates previous HL7 information papers on the subject of Emergency Access. It consolidates key ideas and suggests implementation strategies that are workable under a variety of emergency access use cases.
    • John Comments - I reviewed your document. I think we need to get a bit more formal document structure as we go forward. This informal flow might have been good originally, but we should improve it. The document I reviewed (comments attached) needs to be more clean on how it defines the Problem (without specifying solution), the Abstract solution (without specific technologies), and then 'some' implementation experience with technical solutions. I say this because right away there is too much definition of concepts that is conflated with a solution choice. The problem statement should be only about "WHAT" is needed, it should not be about "HOW" that is achieved. This is important as there are many policy, technical, and procedural solutions to any one problem. In my view the most important purpose of this document is clearly define the concept of Break-the-Glass, less important is to define a single solution.
    • I think we need to disambiguate this most of all. 1) Emergency Department access by those assigned to the Emergency Department (aka Emergency Room). 2) Regional Disaster – Where some man-made or natural disaster in a defined region has caused sub-optimal medical operations. 3) Professional opinion that life-or-limb is threatened. This professional opinion is a privilege, not necessarily given to all ‘users’.
    • Note that most people I speak to are only using BTG with #3. They understand the other two are NOT uses of Break-the-Glass.
    • I kind of like your more broad definition of BTG, such that it is any reason for a UI that warns the user about potential issue, but with appropriate confirmation from the user allows a request to continue. You do seem to make clear that the general concept of BTG is not specifically medical, but a general concept of warning the user and allowing them to make an informed decision to continue. Where one use of this is for professional life-or-limb opinion overrides...
    • Lastly, your distinction about Emergency Room access seems very wrong to me. Those that are scheduled to work in the Emergency Room are working under a Functional-Role; their purposeOfUse is Treatment... This is even true with those that are 'on call' and 'called' to help out during high loads. We should not conflate Functional-Role with PurposeOfUse.
    • Should re-structure to be more clean: Problem Statement (WHAT), abstract solution (HOW), and examples of specific solutions (Document Sharing Federations - CareQuality, FHIR REST, etc?)
  6. agenda add by Mike Davis -- Anonymization
    • Given papers like Paul Ohm - Broken Promises of Privacy: esponding to th Surprising Failure of Anonymization -- http://www.uclalawreview.org/pdf/57-6-3.pdf -- 2010
    • Because of big data and IoT, the possibility of aggregating enough non-sensitive data that you end up being able to extrapolate information that could be considered sensitive increases exponentially. - Diana
    • Mike concerned that the new IoT and Big Data is undermining privacy
  7. (10 min) Kick Off Prep for September San Diego WGM - Kathleen. Check on attendance plans and featured session topics.
  8. (5 min) Review News and Reminders not previously discussed. - Kathleen to give quick overview of NCVHS Minimum Necessary Hearing and Recommendations, and potential relation to the ONC 21st Century Cures Act Trusted Exchange and Common Agreement so that interested workgroup members have background for further discussions in upcoming calls.
    • Trust frameworks were discussed in principle but not specifics
  9. (5 min) FHIR Security call scheduled - John Moehrke to provide details.
    • Yes we will meet

News and Review Material

Discussion about Diagnosing and Treating Legal Ailments of the Electronic Health Record: Toward an Efficient and Trustworthy Process for Information Discovery and Release Potential for renewing EHR/Security work on Lifecycle Vocabulary with Reed Gelzer moved to August 1st call.

  • Need to vote for FTSD cochair. Russ Hamm is the only candidate.
  • John Moehrke's Break the Glass (BTG) Blogs: BTG Concept and BTG Solutions The second article questions the BTG solution on the FHIR Security page, which is one of the reasons the Security WG is re-examining BTG. The article suggests that experimentation needs to be done. Might be good Connectathon Track for Security WG to take the lead on.
  • Break the Glass related HL7 vocabulary: Compartment amd Consent Override. Likely need non-consent related override codes as act reasons. Likely need an additional AuditEvent element for action reason to explain an AuditEvent.purposeOfUse as no current ones seem suitable.
  • NCVHS Publications of Interest
    • NCVHS Health Data Framework The NCVHS Health Data Framework The NCVHS Health Data Framework March 21, 2016 NCVHS drafted two resources, a Data Structure and Methods Taxonomy to seed development of the Health Data Framework. These drafts offer a systematic approach to thinking, talking, and acting with respect to data. These resources also propose metadata to tag datasets to support re-use.
    • NCVHS Recommendation on the HIPAA Minimum Necessary Standard November 9, 2016
    • The Committee’s overarching recommendation is that HHS should update its guidance on the minimum necessary standard to incorporate changes to HIPAA introduced by legislation since the Privacy Rule became effective, and to address known barriers to effective implementation. To that end, the Committee offers ten recommendations. The first six address substantive issues with the minimum necessary standard or implementation specifications that should be addressed in updated guidance. These are:
      • Recommendation 1: HHS should clarify the independent obligations of business associates to comply with the minimum necessary standard and should develop specific guidance and instruction for business associates in this regard. HHS should also develop guidance for covered entities on oversight of business associate compliance with minimum necessary obligations.
      • Recommendation 2: HHS should clarify the breach notification requirements pertaining to violations of the minimum necessary standard. HHS’ guidance should define the circumstances under which a breach of the minimum necessary standard occurs, at what level reporting is mandatory, and what types of enforcement may be expected for different violations.
      • Recommendation 3: HHS should clarify the elements of an adequate “specific justification” that is required to use, disclose, or request a patient’s entire medical record. For example, HHS should illustrate with specific examples, use cases, or analytic methodologies circumstances that may legitimately warrant the use or disclosure of entire medical records and the justification that would be adequate to support each. The guidance also could recommend any special assurances about privacy and data security that covered entities should seek before supplying data for such uses.
      • Recommendation 4: HHS should require covered entities and business associates to adopt a list of criteria they will consider, a procedure for evaluating a request in accordance with the criteria, and a governance structure that provides oversight of the minimum necessary determination process.
      • Recommendation 5: The Committee recommends that HHS make no change to the current exception to the minimum necessary standard for treatment. **Recommendation 6: In developing new Minimum Necessary guidance(s), HHS should specifically address the application of the minimum necessary standard to HIPAA named transaction standards for administrative functions pertaining to payment and operations. In particular, HHS’s guidance should address the applicability of the minimum necessary standard to new transactions, such as those involving attachments, and data exchanges involved in fulfilling alternative payment models.
  • NCVHS Hearing on HIPAA Minimum Necessary Standard June 6, 2016
Retrieved from "https://wiki.hl7.org/w/index.php?title=July_25,_2017_Security_Conference_Call&oldid=142897"