Difference between revisions of "June 24, 2014 Security WG Conference Call"
(6 intermediate revisions by the same user not shown) | |||
Line 17: | Line 17: | ||
|| .|| [mailto:Chris.R.Clark@wv.gov Chris Clark] | || .|| [mailto:Chris.R.Clark@wv.gov Chris Clark] | ||
||||.|| [mailto:jc@securityrs.com Johnathan Coleman]CBCC Co-Chair | ||||.|| [mailto:jc@securityrs.com Johnathan Coleman]CBCC Co-Chair | ||
− | |||| | + | ||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] |
− | |||| | + | ||||o|| [mailto:duane.decouteau@gmail.com Duane DeCouteau] |
|- | |- | ||
Line 24: | Line 24: | ||
||||x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]CBCC Co-chair | ||||x|| [mailto:Suzanne.Webb@engilitycorp.com Suzanne Gonzales-Webb]CBCC Co-chair | ||
||||.|| [mailto:rgrow@technatomy.com Rick Grow] | ||||.|| [mailto:rgrow@technatomy.com Rick Grow] | ||
− | |||| | + | ||||.|| [mailto:dhenkel@technatomy.com David Henkel] |
|- | |- | ||
Line 59: | Line 59: | ||
==Agenda== | ==Agenda== | ||
# ''(05 min)'' Roll Call, Approval of Meeting Minutes | # ''(05 min)'' Roll Call, Approval of Meeting Minutes | ||
− | # ''( | + | # ''(05 min)'' '''PSS Patient Friendly Security and Privacy''' |
− | # ''(10 min)'' ''' | + | # ''(10 min)'' '''Update: Way with Verbs''' - Tony |
− | # ''(10 min'' ''' | + | # ''(10 min'' '''FHIR - Security Labeling Discussions''' ''issues'' |
− | # ''( | + | # ''(05 min)'' '''Other business, action items, and adjournment''' |
'''Minutes Summary''' | '''Minutes Summary''' | ||
− | * Meeting Minutes from 6/ | + | * Meeting Minutes from 6/17 meeting were unanimously approved by attendees. (0-0-5) |
+ | |||
+ | |||
+ | '''FHIR - Security Labeling Discussions''' ''issues'' | ||
+ | How does Security WG weigh in on the conversation | ||
+ | * make sure that John brings the conversation from FHIR into the Security WG | ||
+ | * from there the Security WG can produce, define a some guidelines with respect to FHIR to preclude some of the issues (such as the http headers and that type of item) | ||
+ | * consider the risk with some alternatives | ||
+ | * looking at persistence, changing labels that have been signed before--new capabilities | ||
+ | |||
+ | * need to produce an ongoing catalog of these issues and discussion, guidance | ||
+ | * Security-FHIR page to document these items | ||
+ | ** our position is to no use the http headers because of the white noise in the headers | ||
+ | ** if you only have a single resource and don't have an ?atom feed, then you cant...(16:00) | ||
+ | |||
+ | '''Update: Way with Verbs''' | ||
+ | No feedback received | ||
+ | * during the last EHR Interoperability calls, discussion on state diagrams showing how EHR life-cycle events relate to each other | ||
+ | * Steve H has a notion of how to organize the hierarchy with CRUDEA at the top level. Second level: Third level will include EHR verbs and ... verbs. | ||
+ | |||
+ | Harmonization meeting | ||
+ | * in order to make the July 6 submission we need to approve today or by next Tuesday July 1 | ||
+ | * Trust Policy | ||
+ | * No patient Refrain Policy | ||
+ | |||
+ | Motion to approve for final submission (Kathleen/Diana) | ||
+ | Objections to unanimous approval for these Harmonization proposals (final) be approved | ||
+ | No objections received, motion passes 0-0-4 | ||
+ | |||
+ | ISO is standing up a new TC that will go into effect on Jan 1, 2015 which will roll the societal security for counter measure control and ....(32:00) into one. | ||
+ | * also in the TC215 WG1 there may be some overlap with the HCS and SLS, a new work proposals for standard classification. | ||
+ | * unsure if this is a true conflict. | ||
+ | * we normally work with WG4 (and not WG1); | ||
+ | ** WG1 is primarily involved with ''cards'' ''ID cards'' | ||
+ | ** it may be that we have an overlapping conflict in security | ||
+ | ** we should monitor--there may be something we might want to use | ||
+ | |||
+ | |||
+ | '''PSS | ||
+ | |||
+ | |||
+ | |||
+ | Meeting adjourned at --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 21:40, 24 June 2014 (UTC) |
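Review bot: in the Line 59 hunk, the added agenda entry for "FHIR - Security Labeling Discussions" opens with "(10 min" and never closes the parenthesis, unlike the other entries; it should read "(10 min)". In the same hunk the added '''PSS line opens bold markup that is never closed and has no notes under it, and "Meeting adjourned at" runs straight into the signature with no time given, so either fill these in or drop the empty PSS heading. In the FHIR notes, "our position is to no use the http headers" looks like a typo for "not use", and "define a some guidelines" has a stray article.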
Latest revision as of 22:16, 24 June 2014
Attendees
x | Member Name | x | Member Name | x | Member Name | x | Member Name
---|---|---|---|---|---|---|---
x | Mike Davis, Security Co-chair | . | John Moehrke, Security Co-chair | . | Trish Williams, Security Co-chair | . | Bernd Blobel, Security Co-chair
. | Chris Clark | . | Johnathan Coleman, CBCC Co-Chair | x | Kathleen Connor | o | Duane DeCouteau
. | Reed Gelzer | x | Suzanne Gonzales-Webb, CBCC Co-chair | . | Rick Grow | . | David Henkel
. | Mohammed Jafari | . | Don Jorgenson | . | Alexander Mense | . | Amanda Nash
. | Paul Petronelli, Mobile Health Security Co-chair | x | Diana Proud-Madruga | . | Harry Rhodes | , | Aaron Seib
. | Ioana Singureanu | . | Walter Suarez | x | Tony Weida | . | Paul Petronelli, mHealth Co-chair
Agenda
- (05 min) Roll Call, Approval of Meeting Minutes
- (05 min) PSS Patient Friendly Security and Privacy
- (10 min) Update: Way with Verbs - Tony
- (10 min) FHIR - Security Labeling Discussions issues
- (05 min) Other business, action items, and adjournment
Minutes Summary
- Meeting Minutes from 6/17 meeting were unanimously approved by attendees. (0-0-5)
FHIR - Security Labeling Discussions issues
How does the Security WG weigh in on the conversation?
- make sure that John brings the conversation from FHIR into the Security WG
- from there the Security WG can produce and define some guidelines with respect to FHIR to preclude some of the issues (such as the HTTP headers and that type of item)
- consider the risk with some alternatives
- looking at persistence, changing labels that have been signed before--new capabilities
- need to produce an ongoing catalog of these issues and discussion, guidance
- Security-FHIR page to document these items
  - our position is to not use the HTTP headers because of the white noise in the headers
  - if you only have a single resource and don't have an ?atom feed, then you can't...(16:00)
Update: Way with Verbs
No feedback received
- during the last EHR Interoperability calls, discussion on state diagrams showing how EHR life-cycle events relate to each other
- Steve H has a notion of how to organize the hierarchy with CRUDEA at the top level. Second level: Third level will include EHR verbs and ... verbs.
Harmonization meeting
- in order to make the July 6 submission we need to approve today or by next Tuesday July 1
- Trust Policy
- No patient Refrain Policy
Motion to approve for final submission (Kathleen/Diana)
Call for objections to unanimous approval of these Harmonization proposals (final)
No objections received, motion passes 0-0-4
ISO is standing up a new TC that will go into effect on Jan 1, 2015 which will roll the societal security for counter measure control and ....(32:00) into one.
- also in the TC215 WG1 there may be some overlap with the HCS and SLS, new work proposals for standard classification.
- unsure if this is a true conflict.
- we normally work with WG4 (and not WG1):
  - WG1 is primarily involved with cards (ID cards)
  - it may be that we have an overlapping conflict in security
  - we should monitor--there may be something we might want to use
PSS
Meeting adjourned at --Suzannegw (talk) 21:40, 24 June 2014 (UTC)