This wiki has undergone a migration to Confluence found Here

Difference between revisions of "November 19, 2018 GDPR whitepaper on FHIR call"

From HL7Wiki
Jump to navigation Jump to search
 
Line 7: Line 7:
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member Name'''  
 
!x||'''Member Name'''|| !!  x ||'''Member Name''' !!|| x ||'''Member Name''' !!|| x ||'''Member Name'''  
 
|-
 
|-
||  .|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair
+
||  X|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair
||||.|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair  
+
||||X|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair  
||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
+
||||X|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair
 
||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams] Security Co-chair
 
||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams] Security Co-chair
 
|-.
 
|-.
 
||  .|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn] Security Co-chair
 
||  .|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn] Security Co-chair
||||.|| [mailto:david.pyke@readycomputing.com David Pyke] CBCP Co-Chair
+
||||X|| [mailto:david.pyke@readycomputing.com David Pyke] CBCP Co-Chair
||||.|| [mailto:giorgio.cangioli@gmail.com Giorgio Cangioli]
+
||||X|| [mailto:giorgio.cangioli@gmail.com Giorgio Cangioli]
 
||||.|| [mailto:joseph.lamy@ssa.gov Joe Lamy]
 
||||.|| [mailto:joseph.lamy@ssa.gov Joe Lamy]
 
   
 
   
 
|-
 
|-
||  .|| [mailto:peter.van.liesdonk@philips.com Peter van Liesdonk]
+
||  X|| [mailto:peter.van.liesdonk@philips.com Peter van Liesdonk]
 
||||.|| [mailto:  ]
 
||||.|| [mailto:  ]
 
||||.|| [mailto:  ]
 
||||.|| [mailto:  ]

Latest revision as of 16:57, 26 November 2018

Back to Security GDPR Page

Attendees

x Member Name x Member Name x Member Name x Member Name
X John Moehrke Security Co-chair X Kathleen Connor Security Co-chair X Alexander Mense Security Co-chair . Trish Williams Security Co-chair
. Christopher Shawn Security Co-chair X David Pyke CBCP Co-Chair X Giorgio Cangioli . Joe Lamy
X Peter van Liesdonk . [mailto: ] . [mailto: ] . [mailto: ]

Back to Security GDPR Page

Agenda

  1. (5 min) Roll Call, Agenda Approval
  2. (10 min) Presentation Proposal "Purpose of Processing" (Peter) (link: https://docs.google.com/document/d/1rIHhL5FTIFVD9EGgW70SkElfsMH9ofHoDuYnVHMOZF4/edit?usp=sharing)
  3. (20 min) Harmonization discussion - PoU vs. Purpose of Processing
  4. (10 min) IPS uses case - current state (Georgio) (link: https://docs.google.com/document/d/1j8tWH52kEg_D_V2G8CXbKajfmidIk8P24HUbH0pHKjQ/edit?usp=sharing)
  5. (5 min) Reminder - open issues from WGM, still to be addressed:

Are update events to be reported in a transparency report? Depth of Provenance

Operations: Graham poposes to define an erasure operation that takes a Patient or Person. It returns rejected. Success. Or partial success.... (question: is there a need for it to report what it deleted? Or what it didn't? Nevertheless, it does need to report external recipients)

Is there a need for a Operation for transparency: i.e. a search on AuditEvents?

Do we need a CapabilityStatement like resource that describes server data retention rules. Possibly useful for client too to state the client need.

We might need to address Break-Glass as a healthcare safety mechanism.


Links:

Harmonization proposal:

https://gforge.hl7.org/gf/project/security/docman/Harmonization/Nov%202018%20Harmonization/2018JulyHARM%20Initial%20PROPOSAL%20SECURITY%20v3%20and%20v2%20Table%200717%20Privacy%20Law%20and%20Consent%20Directive%20codes%20v2%20GDPR.doc

https://gdpr-info.eu/art-6-gdpr/

https://gdpr-info.eu/art-9-gdpr/

Link to Confluence page: http://confluence.hl7.org/display/SEC/FHIR+-+GDPR

Meeting Minutes (DRAFT)