This wiki has undergone a migration to Confluence found Here

Difference between revisions of "March 21, 2017 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
Line 70: Line 70:
  
 
==''' Minutes '''==
 
==''' Minutes '''==
 +
* Chaired by Kathleen
 +
* Agenda Approved
 +
* Review and Approval of Security WG Call Minutes March 7, 2017 and Security WG Call Minutes March 14, 2017 (Approved 7th and 14th minutes)
 +
* New meeting service - Transition to FreeConferenceCall.com (FCC): Beginning March 28 the web meeting will change to https://www.freeconferencecall.com
 +
Online Meeting ID: security36
 +
** Information provided beginning March 28th Free Conference
 +
Dial-in Number: (515) 604-9567 Access Code: 880898
 +
** Updated on Security Wiki home page top banner - K
 +
** input security 36 to join meeting
 +
* TF4FA May ballot development roadmap Submission Deadline + 3/26 (Mike Davis)
 +
** Updates will include comments for volume I to appear in May Ballot
 +
** Volume II Behavioral Model will be part of the informative Ballot for May
 +
** Volume II will be presented to group
 +
** Question (Dave): What is the deadline to submit?
 +
** Answer: next week 3/26, but may not be hard deadline prior to ballot. Kathleen Will check on the date with Lynn . (Mike Davis)
 +
* Review Draft HL7 Patient Generated Health Data (PGHD)Comments- Diana
 +
** Provided High level Summary:
 +
** Comments were made on PTHD definition
 +
** Patient right of access are asked to be addressed more specifically
 +
** Providence was asked to be addressed more specifically
 +
** Research challenges on control of sharing information
 +
** Does the patient have control over which Data can be shared? Are there controls? (Labeling or Masking Data)
 +
** Mike Davis Comment: VA is in the process of implementing an SLS to support patient needs
 +
** Does Patient Right of access, does it allow patient to say what data can be shared? eg: Vendors agree to create a portal to choose meaningful use data
 +
** Definition for Patient Generated Health Data was provided by Kathleen and was submitted (Diana)
 +
* Project Scope Statement - Medical Devices Security - deferring follow up of outreach to Medical Device WG until ballot recons are completed- Kathleen
 +
** Skipped
 +
* [gforge ballot spreadsheet - HL7 PASS Audit Ballot Reconciliation Update] - Diana
 +
** Comments from DoD were reviewed, 2 sets of comments (Duplicates)
 +
** Majority of comments were persuasive or persuasive with Mod
 +
** Only comment deemed not persuasive: In Pass Audit we have the Audit Functional Model with two capabilities, a third capability is recommended:
 +
** Recommendation: Audit Service should pin a Audit Client to determine the Audit is enabled
 +
** Mike Davis Comment: The Audit Client is configured with Audit On, if Audit is turned off it will send out a pin tot Audit service that it is off. It does not need to specified with a separate capability.  (Non-persuasive with Mod)
 +
** Symantec Requirements were changed to Disclosure
 +
** Capability of Complete Audit Record is upto the implementer to determine if it is complete since there is no international standard
 +
** Motion Passed: 53-88 (Rick, Diana)
 +
* Security Labeling Service Revision Update - Diana
 +
** NTR
 +
* No FHIR Security Call this week - Please review front matter - http://build.fhir.org/secpriv-module.html

Latest revision as of 18:57, 28 March 2017

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John MoehrkeSecurity Co-chair x Kathleen ConnorSecurity Co-chair . Alexander Mense Security Co-chair . Trish WilliamsSecurity Co-chair
x Mike Davis x Suzanne Gonzales-Webb x David Staggs x Mohammed Jafari
x Glen Marshall, SRS x Beth Pumo . Ioana Singureanu . Rob Horn
x Diana Proud-Madruga . Serafina Versaggi x Joe Lamy . Galen Mulrooney
. Duane DeCouteau . Chris Clark . Johnathan Coleman . Aaron Seib
. Ken Salyards . Christopher D Brown TX . Gary Dickinson x Dave Silver
x Rick Grow . William Kinsley . Paul Knapp x Mayada Abdulmannan
. Kamalini Vaidya . Bill Kleinebecker x Christopher Shawn . Grahame Grieve
. Oliver Lawless . Ken Rubin . David Tao . Nathan Botts

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (4 min) Review and Approval of Security WG Call Minutes March 7, 2017 and Security WG Call Minutes March 14, 2017
  3. (10 min) New meeting service - Transition to FreeConferenceCall.com (FCC): Beginning March 28 the web meeting will change to https://www.freeconferencecall.com
  • Online Meeting ID: security36
  • Dial-in Number: (515) 604-9567 Access Code: 880898

Updated on Security Wiki home page top banner - K

  1. (10 min) TF4FA May ballot development roadmap Submission Deadline + 3/26
  2. (10 min) Review Draft HL7 Patient Generated Health Data (PGHD)Comments- Diana
  3. (2 min) Project Scope Statement - Medical Devices Security - deferring follow up of outreach to Medical Device WG until ballot recons are completed- Kathleen
  4. (2 min) [gforge ballot spreadsheet - HL7 PASS Audit Ballot Reconciliation Update] - Diana
  5. (2 min) Security Labeling Service Revision Update - Diana
  6. (2 min) No FHIR Security Call this week - Please review front matter - http://build.fhir.org/secpriv-module.html


Minutes

  • Chaired by Kathleen
  • Agenda Approved
  • Review and Approval of Security WG Call Minutes March 7, 2017 and Security WG Call Minutes March 14, 2017 (Approved 7th and 14th minutes)
  • New meeting service - Transition to FreeConferenceCall.com (FCC): Beginning March 28 the web meeting will change to https://www.freeconferencecall.com

Online Meeting ID: security36

    • Information provided beginning March 28th Free Conference

Dial-in Number: (515) 604-9567 Access Code: 880898

    • Updated on Security Wiki home page top banner - K
    • input security 36 to join meeting
  • TF4FA May ballot development roadmap Submission Deadline + 3/26 (Mike Davis)
    • Updates will include comments for volume I to appear in May Ballot
    • Volume II Behavioral Model will be part of the informative Ballot for May
    • Volume II will be presented to group
    • Question (Dave): What is the deadline to submit?
    • Answer: next week 3/26, but may not be hard deadline prior to ballot. Kathleen Will check on the date with Lynn . (Mike Davis)
  • Review Draft HL7 Patient Generated Health Data (PGHD)Comments- Diana
    • Provided High level Summary:
    • Comments were made on PTHD definition
    • Patient right of access are asked to be addressed more specifically
    • Providence was asked to be addressed more specifically
    • Research challenges on control of sharing information
    • Does the patient have control over which Data can be shared? Are there controls? (Labeling or Masking Data)
    • Mike Davis Comment: VA is in the process of implementing an SLS to support patient needs
    • Does Patient Right of access, does it allow patient to say what data can be shared? eg: Vendors agree to create a portal to choose meaningful use data
    • Definition for Patient Generated Health Data was provided by Kathleen and was submitted (Diana)
  • Project Scope Statement - Medical Devices Security - deferring follow up of outreach to Medical Device WG until ballot recons are completed- Kathleen
    • Skipped
  • [gforge ballot spreadsheet - HL7 PASS Audit Ballot Reconciliation Update] - Diana
    • Comments from DoD were reviewed, 2 sets of comments (Duplicates)
    • Majority of comments were persuasive or persuasive with Mod
    • Only comment deemed not persuasive: In Pass Audit we have the Audit Functional Model with two capabilities, a third capability is recommended:
    • Recommendation: Audit Service should pin a Audit Client to determine the Audit is enabled
    • Mike Davis Comment: The Audit Client is configured with Audit On, if Audit is turned off it will send out a pin tot Audit service that it is off. It does not need to specified with a separate capability. (Non-persuasive with Mod)
    • Symantec Requirements were changed to Disclosure
    • Capability of Complete Audit Record is upto the implementer to determine if it is complete since there is no international standard
    • Motion Passed: 53-88 (Rick, Diana)
  • Security Labeling Service Revision Update - Diana
    • NTR
  • No FHIR Security Call this week - Please review front matter - http://build.fhir.org/secpriv-module.html