Difference between revisions of "March 18, 2014 Security WG Conference Call"
| (One intermediate revision by the same user not shown) | |||
| Line 36: | Line 36: | ||
|| || [mailto:weida@apelon.com Tony Weida] || | || || [mailto:weida@apelon.com Tony Weida] || | ||
|- | |- | ||
| − | | || | + | | || |
| − | || || || | + | || || Paul (Mobile Health Work Group) ||x |
|| || ||. | || || ||. | ||
|- | |- | ||
| Line 71: | Line 71: | ||
HL7 V3 Normative Edition\HL7 2012 | HL7 V3 Normative Edition\HL7 2012 | ||
left hand pane > Foundations > Security > RBAC | left hand pane > Foundations > Security > RBAC | ||
| − | The document has not been edited for some time and we have contributers on the RBAC work who are not working on the current project. As a suggestion to the group, to create a new topic, but to have it say Security and Privacy and it would be a place wehre all our artifacts can be located. We have very few which are easily found in the V3 realm. Only one DAM is appearing | + | The document has not been edited for some time and we have contributers on the RBAC work who are not working on the current project. As a suggestion to the group, to create a new topic, but to have it say Security and Privacy and it would be a place wehre all our artifacts can be located. We have very few which are easily found in the V3 realm. Only one DAM is appearing here. If we were to be like other groups, i.e. regulated studies (RCIM); each topic has its own landing page. Don's suggestion was for Security to have a table of contents linking to each artifact and a list of the artifacts under the Security and Privacy topic. This also needs to be reviewed by CBCC were appropoirate. |
For the DAMs, you would also have a link from the list page. | For the DAMs, you would also have a link from the list page. | ||
Open for discussion. Advantage. | Open for discussion. Advantage. | ||
| − | + | Identity Assurance | |
| − | + | Kathleen has engaged in this work by producing and showing us a basic high level view of Trust Frameworks, and buckets of vocabularies that we would be interested in. She put detail into the Identity trust bucket. So, we also have some activities that ware going on and are driven by ONC. They’ve had a state HIE governance council that’s produced a report, available on the ONC site, which talks about their view of Trust Frameworks for the states. We’re looking at that against our more systematic approach. ONC’s stuff isn’t organized in any particular way. Kathleen has put out some information particular to Identity Assurance for us to look at. They’re strongly tied to NIST specifications, which I think is okay, but I’d like to get a more international view into this. I think we need to get some international input into this area. We have Kantara to look at as well, which basically imitates NIST, but it’s not a federal agency and has some gravitas of its own. That might be a good place to look at as well. I know there are standards for authentication. | |
| + | |||
| + | AUDIT LOGS | ||
| + | Kathleen - John, did you get a chance to look at the protocols? | ||
| + | |||
| + | John - I have not looked ahead, though I certainly would see if we can share the server that Mike and I had on the HIT Security and Privacy standards call that we had on Monday. It’s the second item where they’re saying we need to change the ability of what is auditable. | ||
| + | |||
| + | Mike - Typically, if you’re talking about audit, it has to be configured to “on.” I’m wondering if the intent of it was to say that the audit system had to be configured on. | ||
| + | |||
| + | John - This comes from a misunderstanding where people are seeing the audit logs and presuming it’s an all-encompassing audit log. I think the original change being proposed was NIST-directed. They were trying to say you can’t turn off the medical records audit log, and it unfortunately led to a change in the Security audit log. I think we should agree that the audit log should not be configurable. | ||
| + | |||
| + | Mike - When you use the product, the audit is not on. You turn it on, and then after you turn it on, you have to figure out what type of audit you want to select. I agree that there should be some audit types that should be on. These are pretty rare things. They tend to catch basic security issues. The rest of the audits should be manageable and configurable. The answer here is somewhat nuanced. | ||
| + | |||
| + | John - I think we need to say that the proposed change is a bad change. | ||
| + | |||
| + | |||
| + | MIND MAP - Diana | ||
| + | I started playing around with using the attributes in FreeMind to unclutter the mind map. I didn’t’ do it for all of them. I have misgivings in using attributes because to show selected attributes, doesn’t’ seem to work. I either have to show all or hide all. What I did discover was a nifty little Notes area, where you can add notes. I kind of put things in here with a question mark and I have note down here to include what my observation is and so forth. I think this note area is quite powerful and will be very useful in our efforts. I have done my best to group them in hierarchical fashion using the definitions that are there. In some cases, it was unclear, so I used my own best guess and made it up as I went along. There are multiple sub-ontologies within the Security and Privacy Ontology. Right now, this is what I have. Suzanne, do we have a way of posting this someplace for folks to review at their leisure? | ||
| + | Also, I have deidentify as the root, and pseudonymize and anonymize as the children as deidentify. I anticipate this will generate some conversation because I looked at the definition of derive, and the definition seemed to be related to create. I’ve put a note that there’s a disagreement on this one, deidentify. If I can, I’d like to go through other high level ones that we have agreement on. | ||
| + | * Should be place in gForge either in MindMap format or HTML for WG members to review and update (let Diana/Tony know so they can update); | ||
| + | Reviewing defintions of current data objects contained in the S&P Ontology so that when the are transferred over they are correct. | ||
| + | |||
| + | Paul: Mobile Health | ||
Latest revision as of 21:00, 1 April 2014
Attendees
| Member Name | Present | Member Name | Present | Member Name | Present | ||
|---|---|---|---|---|---|---|---|
| Mike Davis Security Co-chair | x | John Moehrke Security Co-chair | x | Trish Williams Security Co-chair | |||
| Bernd Blobel, Security Co-chair | . | Johnathan Coleman | Kathleen Connor | x | |||
| Duane DeCouteau | x | Reed Gelzer | . | Suzanne Gonzales-Webb CBCC Co-chair | |||
| Rick Grow | x | David Henkel | x | Mohammed Jafari | x | ||
| Don Jorgenson | . | Diana Proud-Madruga | x | Harry Rhodes | . | ||
| Ioana Singureanu | . | Richard Thoreson CBCC Co-chair | . | Ross Freeman | . | ||
| Amanda Nash | Walter Suarez | . | Tony Weida | ||||
| Paul (Mobile Health Work Group) | x | . | |||||
| . | . | . |
Agenda
- (05 min) Roll Call, Approve March 11, 2014 Security WG Conference Call Minutes & Accept Agenda
- (20 min) Security and Privacy Ontology / Mind Map - Diana/Tony
- (20 min) Restructure Security Topic in v.3 Normative Edition - Kathleen
- (05 min) EHR MU 2015 Voluntary requirements – HL7 Policy response - Kathleen
- (15 min) July Harmonization – LOA Trust Vocabulary and Security Glossary Mohammad found - Kathleen
- (05 min) Other business, action items
Meeting Minutes DRAFT
Next Agenda (30min) for John Moehrke Informative discussion on OAuth and OpenID Connect to be done next meeting to have a better understanding in the Security WG in those activities
Approved March 11, 2014 Security WG Conference Call Minutes & Accept Agenda
IHE has released for public comment
- DS4P US - National extension which is supposed to be alighted with the DS4P HL7 has completed (any deviations should be brought to light and fixed in the next iteration
- Handbook explaining how to utilize data elements analysis with reisk assessment and the various DeID pseduonomization to come up with a use case algorhythim and how to test if your algorhythim has done its job. it is intened to use to write profiles that write deID. i.e. within quality reporting.
ACTION ITEM: John Moehrke will forward the e-mail to the Security and CBCC listserve.
Restructure Security Topic in HL7 v.3 Normative Edition Kathleen had a discussion with Don Lloyd on possible restructuring the Security WG security topics. HL7 V3 Normative Edition\HL7 2012 left hand pane > Foundations > Security > RBAC The document has not been edited for some time and we have contributers on the RBAC work who are not working on the current project. As a suggestion to the group, to create a new topic, but to have it say Security and Privacy and it would be a place wehre all our artifacts can be located. We have very few which are easily found in the V3 realm. Only one DAM is appearing here. If we were to be like other groups, i.e. regulated studies (RCIM); each topic has its own landing page. Don's suggestion was for Security to have a table of contents linking to each artifact and a list of the artifacts under the Security and Privacy topic. This also needs to be reviewed by CBCC were appropoirate. For the DAMs, you would also have a link from the list page. Open for discussion. Advantage.
Identity Assurance Kathleen has engaged in this work by producing and showing us a basic high level view of Trust Frameworks, and buckets of vocabularies that we would be interested in. She put detail into the Identity trust bucket. So, we also have some activities that ware going on and are driven by ONC. They’ve had a state HIE governance council that’s produced a report, available on the ONC site, which talks about their view of Trust Frameworks for the states. We’re looking at that against our more systematic approach. ONC’s stuff isn’t organized in any particular way. Kathleen has put out some information particular to Identity Assurance for us to look at. They’re strongly tied to NIST specifications, which I think is okay, but I’d like to get a more international view into this. I think we need to get some international input into this area. We have Kantara to look at as well, which basically imitates NIST, but it’s not a federal agency and has some gravitas of its own. That might be a good place to look at as well. I know there are standards for authentication.
AUDIT LOGS Kathleen - John, did you get a chance to look at the protocols?
John - I have not looked ahead, though I certainly would see if we can share the server that Mike and I had on the HIT Security and Privacy standards call that we had on Monday. It’s the second item where they’re saying we need to change the ability of what is auditable.
Mike - Typically, if you’re talking about audit, it has to be configured to “on.” I’m wondering if the intent of it was to say that the audit system had to be configured on.
John - This comes from a misunderstanding where people are seeing the audit logs and presuming it’s an all-encompassing audit log. I think the original change being proposed was NIST-directed. They were trying to say you can’t turn off the medical records audit log, and it unfortunately led to a change in the Security audit log. I think we should agree that the audit log should not be configurable.
Mike - When you use the product, the audit is not on. You turn it on, and then after you turn it on, you have to figure out what type of audit you want to select. I agree that there should be some audit types that should be on. These are pretty rare things. They tend to catch basic security issues. The rest of the audits should be manageable and configurable. The answer here is somewhat nuanced.
John - I think we need to say that the proposed change is a bad change.
MIND MAP - Diana
I started playing around with using the attributes in FreeMind to unclutter the mind map. I didn’t’ do it for all of them. I have misgivings in using attributes because to show selected attributes, doesn’t’ seem to work. I either have to show all or hide all. What I did discover was a nifty little Notes area, where you can add notes. I kind of put things in here with a question mark and I have note down here to include what my observation is and so forth. I think this note area is quite powerful and will be very useful in our efforts. I have done my best to group them in hierarchical fashion using the definitions that are there. In some cases, it was unclear, so I used my own best guess and made it up as I went along. There are multiple sub-ontologies within the Security and Privacy Ontology. Right now, this is what I have. Suzanne, do we have a way of posting this someplace for folks to review at their leisure?
Also, I have deidentify as the root, and pseudonymize and anonymize as the children as deidentify. I anticipate this will generate some conversation because I looked at the definition of derive, and the definition seemed to be related to create. I’ve put a note that there’s a disagreement on this one, deidentify. If I can, I’d like to go through other high level ones that we have agreement on.
- Should be place in gForge either in MindMap format or HTML for WG members to review and update (let Diana/Tony know so they can update);
Reviewing defintions of current data objects contained in the S&P Ontology so that when the are transferred over they are correct.
Paul: Mobile Health
