This wiki has undergone a migration to Confluence found Here

Difference between revisions of "May 2, 2017 Security Conference Call"

From HL7Wiki
Jump to navigation Jump to search
 
Line 67: Line 67:
 
* Trust Framework and SLS (Kathleen and Mike Davis)  
 
* Trust Framework and SLS (Kathleen and Mike Davis)  
 
* Issue: How to establish a Trust Framework with Applications (app) when patients share health information  
 
* Issue: How to establish a Trust Framework with Applications (app) when patients share health information  
** Can an app be trusted when patient  
+
** Question: Can an app be trusted when patient shares health data with it?
 
** It is not up to the providers to dictate who they will share with
 
** It is not up to the providers to dictate who they will share with
 
** Applications (Apps) are not considered providers
 
** Applications (Apps) are not considered providers

Latest revision as of 16:32, 2 May 2017

Back to Security Main Page

Attendees

x Member Name x Member Name x Member Name x Member Name
. John MoehrkeSecurity Co-chair x Kathleen ConnorSecurity Co-chair . Alexander Mense Security Co-chair . Trish WilliamsSecurity Co-chair
x Mike Davis x Suzanne Gonzales-Webb x David Staggs x Mohammed Jafari
x Glen Marshall, SRS x Beth Pumo . Ioana Singureanu . Rob Horn
x Diana Proud-Madruga . Serafina Versaggi x Joe Lamy . Galen Mulrooney
. Duane DeCouteau . Chris Clark . Johnathan Coleman . Aaron Seib
. Ken Salyards . Christopher D Brown TX . Gary Dickinson x Dave Silver
x Rick Grow . William Kinsley . Paul Knapp x Mayada Abdulmannan
. Kamalini Vaidya . Bill Kleinebecker x Christopher Shawn . Grahame Grieve
. Oliver Lawless . Ken Rubin . David Tao . Nathan Botts

Back to Security Main Page

Agenda

  1. (2 min) Roll Call, Agenda Approval
  2. (4 min) Review and Approval of Security WG Call Minutes March 28, 2017
  3. (20 min) xxxxx - lead
  4. (5 min) FHIR Security Call - Please review front matter - John Moehrke

Minutes

  • Chaired by Kathleen
  • Agenda Approved
  • Minutes March 28, 2017 approved
  • Trust Framework and SLS (Kathleen and Mike Davis)
  • Issue: How to establish a Trust Framework with Applications (app) when patients share health information
    • Question: Can an app be trusted when patient shares health data with it?
    • It is not up to the providers to dictate who they will share with
    • Applications (Apps) are not considered providers
    • When patient shares with App from a Privacy point of view they are sharing the information with themselves
    • The Health Information is not protected
    • They are a transport which serve as a pass through
    • Patient information is not encrypted or protected when sharing with app
    • Controls should be established with app
    • SLS maybe a solution to implement Cascading OATH capabilities
    • From a privacy point of view if Patient info is sent to an application it would be treated as if Patient sent the info to themselvess
    • Organizations can take Privacy protection service
    • Comment (Beth): We should partner with Mobile Security for Mobile Health
    • Mobil Security Group will not be in the Madrid conference for the topic to be discussed on the agenda
    • Next Step: The Trust Framework Mobile App issue will be covered in the next iteration
  • FHIR Security Call - Please review front matter - John Moehrke
    • NTR
    • John was not present on the call
  • No call on May 2nd due to Madrid conference
  • Call adjourned