This wiki has undergone a migration to Confluence found Here
Difference between revisions of "March 29, 2016 Security Conference Call"
Jump to navigation
Jump to search
| Line 77: | Line 77: | ||
Note that there will be a FHIR Security call at 2pm PT/5pm ET | Note that there will be a FHIR Security call at 2pm PT/5pm ET | ||
See agenda at [http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2016-26-05 FHIR Security Agenda] | See agenda at [http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2016-26-05 FHIR Security Agenda] | ||
| + | |||
| + | |||
| + | ==Minutes== | ||
| + | |||
| + | # Chaired by Alex | ||
| + | # Minutes Approved (Diana, Suzanne ) 2/0/0 | ||
| + | # Privacy & Security by Design - update''' - Rick | ||
| + | * Second meeting held with Project Team with ERB, CBCC, and Security | ||
| + | *Produce Class Diagrams using UML Modeling | ||
| + | *Started with the first term consent Privacy term that will be interval for the design of the implementation guide | ||
| + | * privacy Ensured Privacy was captured in the implementation Guide | ||
| + | * Work continues, trading comments and feedback through email | ||
| + | * Second Meeting will be held at 5 p.m., link provided below: | ||
| + | #Joint project meetings (ARB, CBCC, Security) held Tuesdays at 5 p.m. Eastern. [http://www.hl7.org/concalls/CallDetails.aspx?concall=30475 Meeting information and invite] | ||
| + | * Reached to Ann Wizower with HL7 Standard Governance board to confirm the items and scope with the PSS are within the boundaries and expected scope per Kathleen's recommendation last week | ||
| + | * Once feedback and evote is received from the Governance Board the PSS will then be delivered back to CBCC they will then take a vote on being sponsor of the project | ||
| + | *Project work is ongoing | ||
| + | |||
| + | # PASS Access Control Services Conceptual Model''' - Diana | ||
| + | * Received commands from Burke | ||
| + | *Mike Davis, Kathleen Connor, Dave Silver and Diana met last week to come up with possible solutions to open issues. | ||
| + | *Eight open issues remain | ||
| + | *First comment recommendation to change disposition to persuasive and the clarification to identify and Check that all references are accurate. | ||
| + | *Second comment recommendation to only reference ISOIC 10746, per Mike Davis recommendation Diana will present it to SOA to see how strongly they feel that Safe is referenced in the Standard. | ||
| + | *Third comment is to delete the section as it is not necessary per suggestion of Burt. per Burt suggested standards be referenced as in his original comments. | ||
| + | *Comment 15 we accepted Burt's proposed wording | ||
| + | *Comment 19 it was confirmed the definition was wrong as in the original objection, the statement will be replacing the definition from ISO 22600-2 which addressed first issue of Original comment. Second comment required that Burt needed a refrained policy scenario added. Possible solution for the second comment recommended by Kathleen during the meeting is to consider the Obligation scenario covers refrained policy and mandates. Mike Davis requested more time to review possible recommendations. | ||
| + | * Per a conversation with Dave Silver the article that covers the food principal, the ACS and the document are loosely related and may not be mapped. However, it maybe possible to reference capabilities in the functional model at a high level and reference documentation. | ||
| + | Question (John): Do we need a predefined trust model? | ||
| + | Answer (Mike Davis): We have a predefined policy where everyone is in the security domain, but was not the original intent. VA had work with PSS for Trust | ||
| + | # Joint Vocabulary Alignment Update''' - Diana | ||
| + | * | ||
| + | # PASS Audit Conceptual Model – Diana | ||
| + | * | ||
| + | # FHIR Security report out - John | ||
| + | * | ||
Revision as of 04:54, 5 April 2016
Back to Security Work Group Main Page
Attendees
| x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|
| x | Kathleen ConnorSecurity Co-chair | . | Duane DeCouteau | . | Chris Clark | |||
| x | John MoehrkeSecurity Co-chair | . | Johnathan Coleman | . | Aaron Seib | |||
| . | Alexander Mense Security Co-chair | . | Ken Salyards | . | Christopher D Brown TX | |||
| . | Trish WilliamsSecurity Co-chair | . | Gary Dickinson | x | Dave Silver | |||
| Mike Davis | . | Ioana Singureanu | . | Mohammed Jafari | ||||
| x | Suzanne Gonzales-Webb | . | Rob Horn | . | Galen Mulrooney | |||
| x | Diana Proud-Madruga | . | Ken Rubin | . | William Kinsley | |||
| x | Rick Grow | . | Paul Knapp | x | Mayada Abdulmannan | |||
| x | Glen Marshall, SRS | . | Bill Kleinebecker | . | Christopher Shawn | |||
| . | Oliver Lawless | . | [mailto | . | Serafina Versaggi | |||
| x | Beth Pumo | . | Russell McDonell | . | Paul Petronelli , Mobile Health | |||
| . | Christopher Doss | . | Kamalini Vaidya | . | [mailto: TBD ] |
Agenda DRAFT
- ( 5 min) Roll Call, Agenda Approval
- ( 5 min) Approve Security WG March 22, 2016 Minutes
- (10 min) Privacy & Security by Design - update - Rick
- Joint project meetings (ARB, CBCC, Security) held Tuesdays at 5 p.m. Eastern. Meeting information and invite
- ( 5 min) PASS Access Control Services Conceptual Model - Diana
- ( 5 min) Joint Vocabulary Alignment Update - Diana
- ( 5 min) PASS Audit Conceptual Model – Diana
- ( 5 min) FHIR Security report out - John
Note that there will be a FHIR Security call at 2pm PT/5pm ET See agenda at FHIR Security Agenda
Minutes
- Chaired by Alex
- Minutes Approved (Diana, Suzanne ) 2/0/0
- Privacy & Security by Design - update - Rick
- Second meeting held with Project Team with ERB, CBCC, and Security
- Produce Class Diagrams using UML Modeling
- Started with the first term consent Privacy term that will be interval for the design of the implementation guide
- privacy Ensured Privacy was captured in the implementation Guide
- Work continues, trading comments and feedback through email
- Second Meeting will be held at 5 p.m., link provided below:
- Joint project meetings (ARB, CBCC, Security) held Tuesdays at 5 p.m. Eastern. Meeting information and invite
- Reached to Ann Wizower with HL7 Standard Governance board to confirm the items and scope with the PSS are within the boundaries and expected scope per Kathleen's recommendation last week
- Once feedback and evote is received from the Governance Board the PSS will then be delivered back to CBCC they will then take a vote on being sponsor of the project
- Project work is ongoing
- PASS Access Control Services Conceptual Model - Diana
- Received commands from Burke
- Mike Davis, Kathleen Connor, Dave Silver and Diana met last week to come up with possible solutions to open issues.
- Eight open issues remain
- First comment recommendation to change disposition to persuasive and the clarification to identify and Check that all references are accurate.
- Second comment recommendation to only reference ISOIC 10746, per Mike Davis recommendation Diana will present it to SOA to see how strongly they feel that Safe is referenced in the Standard.
- Third comment is to delete the section as it is not necessary per suggestion of Burt. per Burt suggested standards be referenced as in his original comments.
- Comment 15 we accepted Burt's proposed wording
- Comment 19 it was confirmed the definition was wrong as in the original objection, the statement will be replacing the definition from ISO 22600-2 which addressed first issue of Original comment. Second comment required that Burt needed a refrained policy scenario added. Possible solution for the second comment recommended by Kathleen during the meeting is to consider the Obligation scenario covers refrained policy and mandates. Mike Davis requested more time to review possible recommendations.
- Per a conversation with Dave Silver the article that covers the food principal, the ACS and the document are loosely related and may not be mapped. However, it maybe possible to reference capabilities in the functional model at a high level and reference documentation.
Question (John): Do we need a predefined trust model? Answer (Mike Davis): We have a predefined policy where everyone is in the security domain, but was not the original intent. VA had work with PSS for Trust
- Joint Vocabulary Alignment Update - Diana
- PASS Audit Conceptual Model – Diana
- FHIR Security report out - John
