This wiki has undergone a migration to Confluence found Here
Difference between revisions of "November 20, 2018 Security Conference Call"
Jump to navigation
Jump to search
(→Agenda) |
(→Agenda) |
||
| (9 intermediate revisions by 3 users not shown) | |||
| Line 10: | Line 10: | ||
|| .|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair | || .|| [mailto:JohnMoerke@gmail.com John Moehrke] Security Co-chair | ||
||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair | ||||x|| [mailto:Kathleen_Connor@comcast.net Kathleen Connor] Security Co-chair | ||
| − | |||| | + | ||||.|| [mailto:mense@fhtw.onmicrosoft.com Alexander Mense] Security Co-chair |
||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams] Security Co-chair | ||||.|| [mailto:trish.williams@ecu.edu.au Trish Williams] Security Co-chair | ||
|-. | |-. | ||
|| x|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn] Security Co-chair | || x|| [mailto:Christopher.Shawn2@va.gov Christopher Shawn] Security Co-chair | ||
||||x|| [mailto:Suzanne.Webb@bookzurman.com Suzanne Gonzales-Webb] | ||||x|| [mailto:Suzanne.Webb@bookzurman.com Suzanne Gonzales-Webb] | ||
| − | |||| | + | ||||.|| [mailto:mike.davis@va.gov Mike Davis] |
| − | |||| | + | ||||x|| [mailto:david.staggs@bookzurman.com David Staggs] |
|- | |- | ||
|| x|| [mailto:Diana.Proud-Madruga@electro-soft.com Diana Proud-Madruga] | || x|| [mailto:Diana.Proud-Madruga@electro-soft.com Diana Proud-Madruga] | ||
||||.|| [mailto:jc@securityrs.com Johnathan Coleman] | ||||.|| [mailto:jc@securityrs.com Johnathan Coleman] | ||
| − | |||| | + | ||||.|| [mailto:fjaureui@electrosoft-inc.com Francisco Jauregui] |
| − | |||| | + | ||||.|| [mailto:joe.lamy@aegis.net Joe Lamy] |
|- | |- | ||
| − | || | + | || x|| [mailto:acg.internasjonal@protonmail.com Theresa Ardal Connor] |
||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden] | ||||.|| [mailto:glinden@lindentechadvisiors.com Greg Linden] | ||
||||.|| [mailto:grahameg@gmail.com Grahame Grieve] | ||||.|| [mailto:grahameg@gmail.com Grahame Grieve] | ||
||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver] | ||||x|| [mailto:dsilver@electrosoft-inc.com Dave Silver] | ||
|- | |- | ||
| − | ||. | + | ||. .|| [mailto:Beth.Pumo@kp.org Beth Pumo] |
||||.|| [mailto:jim.kretz@samhsa.gov Jim Kretz] | ||||.|| [mailto:jim.kretz@samhsa.gov Jim Kretz] | ||
||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman] | ||||.|| [mailto:pbspamfilteracct@gmail.com Peter Bachman] | ||
| − | |||| | + | ||||.|| [mailto:peter.van.liesdonk@phillips.com Peter VanLiesdonk] |
|- | |- | ||
| Line 43: | Line 43: | ||
#''(2 min)'' '''Roll Call, Agenda Approval''' | #''(2 min)'' '''Roll Call, Agenda Approval''' | ||
#''(5 min)'' '''[http://wiki.hl7.org/index.php?title=November_13,_2018_Security_Conference_Call Review and Approval of Minutes November 13, 2018] | #''(5 min)'' '''[http://wiki.hl7.org/index.php?title=November_13,_2018_Security_Conference_Call Review and Approval of Minutes November 13, 2018] | ||
| − | #''(10 min)'' ''' | + | #''(10 min)'' '''Update on PASS Audit''' - Mike |
| − | #''(10 min)'' '''Update | + | #''(10 min)'' '''Update on TF4FA Vol 3 Provenance Ballot Prep''' - Mike/Chris |
#''(10 min)'' '''GDPR whitepaper on FHIR''' Update, reminder of new call schedule - Alex | #''(10 min)'' '''GDPR whitepaper on FHIR''' Update, reminder of new call schedule - Alex | ||
#''(10 min)'' '''FHIR Security call update''' - John | #''(10 min)'' '''FHIR Security call update''' - John | ||
| Line 51: | Line 51: | ||
==Meeting Minutes== | ==Meeting Minutes== | ||
| − | Meeting Chair - | + | Meeting Chair - ChrisS |
| + | Reviewed Agenda/role taken | ||
| + | |||
'''Meeting Minute Approval''' - November 13, 2018 | '''Meeting Minute Approval''' - November 13, 2018 | ||
| + | Motion to approve (Kathleen/Suzanne) | ||
| + | Objections: none; Abstentions: none; Approve | ||
| + | |||
| + | '''PASS Audit Update''' | ||
| + | * Uploaded the PASS Audit reconciliation spreadsheet from January 2017 and requested withdrawals | ||
| + | * Bernd requested updates to see updates made to the document; which we have responded they are in the works | ||
| + | * Per Lynne Laakso, we are past publication due date – which means we need to rebalot | ||
| + | ** Mention through SOA working group, we were under the assumption that we were working on a publication extension—but that had not happened’ | ||
| + | * We are planning reballot in May 2019 – this gives us time to put in NIB, adjust anything if needed. | ||
| + | **We have been looked at context of entire privacy and security architecture framework so rather than call it part of TF4FA, considered making it a volume 4; in addition to the current 3 volumes in trust framework which would specifically devoted to provenance | ||
| + | ** Bernd concerns of mashup of OMG, MDA methodology of involving SOA which he prefers, that this confusion will be addressed in the first two volumes of TF4FA, by removing references to of either methodology on how the services work. (Kathleen's understanding) | ||
| + | * Clarification asked of Dave Silver/Diana Proud-Madruga | ||
| + | ** per Diana --that is her understanding. | ||
| + | *Question: (ChrisS) Provenance Volume 3 sites audit; since we are talking about audit as Volume 4 was that a sequential issue/any alignment problem that needs to be done before publication/final is sent out? | ||
| + | ** idea was to align them; if references were not specific enough to impact the content of the volume/provenance; we’re very close to the final content for the upcoming ballot | ||
| + | * (ChrisS) DaveS have you considered the final ballot consideration on making changes where audit might go? | ||
| + | **(Dave)siting something that hasn’t been published is of course an issue; the fundamentals have not changed. Provenance is still aligned with volume 3/confirmed by Diana – although unsure if the sequence is going to be an issue or not | ||
| + | ** maybe say that a volume 4 is under development (if there are audit referencing issues) | ||
| + | |||
| + | '''GDPR White Paper on FHIR''' | ||
| + | * change of time is more reasonable at 12ET | ||
| + | * Peter Liesdonk (Netherlands) had worked within his affiliates (Phillips) on requirements for codes around GDPR; | ||
| + | ** Kathleen is working with them for current codes - to prepare for harmonization, good evaluation completed | ||
| + | ** several GDPR codes completed during last harmonization; additional will bae added to March 2019 harmonization because there are several policies that need to be covered with GDPR in place | ||
| + | * lots of progress made; bringing forward to final | ||
| + | |||
| + | |||
| + | '''FHIR Security Call''' | ||
| + | * In process of doing a QA sweep of Privacy and Security section on FHIR; everyone is invited to review and send comments to John | ||
| + | * looking for typos, broken links and the like | ||
| + | |||
| + | Comments questions on the last two items? none expressed | ||
| + | |||
| + | No additional topics brought up for discussion | ||
| + | |||
| + | Motion made to adjourn (Kathleen) | ||
| + | Meeting adjourned at 1317 Arizona Time --[[User:Suzannegw|Suzannegw]] ([[User talk:Suzannegw|talk]]) 15:17, 20 November 2018 (EST) | ||
Latest revision as of 20:41, 25 November 2018
Attendees
| x | Member Name | x | Member Name | x | Member Name | x | Member Name | |||
|---|---|---|---|---|---|---|---|---|---|---|
| . | John Moehrke Security Co-chair | x | Kathleen Connor Security Co-chair | . | Alexander Mense Security Co-chair | . | Trish Williams Security Co-chair | |||
| x | Christopher Shawn Security Co-chair | x | Suzanne Gonzales-Webb | . | Mike Davis | x | David Staggs | |||
| x | Diana Proud-Madruga | . | Johnathan Coleman | . | Francisco Jauregui | . | Joe Lamy | |||
| x | Theresa Ardal Connor | . | Greg Linden | . | Grahame Grieve | x | Dave Silver | |||
| . . | Beth Pumo | . | Jim Kretz | . | Peter Bachman | . | Peter VanLiesdonk |
Agenda
- (2 min) Roll Call, Agenda Approval
- (5 min) Review and Approval of Minutes November 13, 2018
- (10 min) Update on PASS Audit - Mike
- (10 min) Update on TF4FA Vol 3 Provenance Ballot Prep - Mike/Chris
- (10 min) GDPR whitepaper on FHIR Update, reminder of new call schedule - Alex
- (10 min) FHIR Security call update - John
Meeting Minutes
Meeting Chair - ChrisS Reviewed Agenda/role taken
Meeting Minute Approval - November 13, 2018 Motion to approve (Kathleen/Suzanne) Objections: none; Abstentions: none; Approve
PASS Audit Update
- Uploaded the PASS Audit reconciliation spreadsheet from January 2017 and requested withdrawals
- Bernd requested updates to see updates made to the document; which we have responded they are in the works
- Per Lynne Laakso, we are past publication due date – which means we need to rebalot
- Mention through SOA working group, we were under the assumption that we were working on a publication extension—but that had not happened’
- We are planning reballot in May 2019 – this gives us time to put in NIB, adjust anything if needed.
- We have been looked at context of entire privacy and security architecture framework so rather than call it part of TF4FA, considered making it a volume 4; in addition to the current 3 volumes in trust framework which would specifically devoted to provenance
- Bernd concerns of mashup of OMG, MDA methodology of involving SOA which he prefers, that this confusion will be addressed in the first two volumes of TF4FA, by removing references to of either methodology on how the services work. (Kathleen's understanding)
- Clarification asked of Dave Silver/Diana Proud-Madruga
- per Diana --that is her understanding.
- Question: (ChrisS) Provenance Volume 3 sites audit; since we are talking about audit as Volume 4 was that a sequential issue/any alignment problem that needs to be done before publication/final is sent out?
- idea was to align them; if references were not specific enough to impact the content of the volume/provenance; we’re very close to the final content for the upcoming ballot
- (ChrisS) DaveS have you considered the final ballot consideration on making changes where audit might go?
- (Dave)siting something that hasn’t been published is of course an issue; the fundamentals have not changed. Provenance is still aligned with volume 3/confirmed by Diana – although unsure if the sequence is going to be an issue or not
- maybe say that a volume 4 is under development (if there are audit referencing issues)
GDPR White Paper on FHIR
- change of time is more reasonable at 12ET
- Peter Liesdonk (Netherlands) had worked within his affiliates (Phillips) on requirements for codes around GDPR;
- Kathleen is working with them for current codes - to prepare for harmonization, good evaluation completed
- several GDPR codes completed during last harmonization; additional will bae added to March 2019 harmonization because there are several policies that need to be covered with GDPR in place
- lots of progress made; bringing forward to final
FHIR Security Call
- In process of doing a QA sweep of Privacy and Security section on FHIR; everyone is invited to review and send comments to John
- looking for typos, broken links and the like
Comments questions on the last two items? none expressed
No additional topics brought up for discussion
Motion made to adjourn (Kathleen) Meeting adjourned at 1317 Arizona Time --Suzannegw (talk) 15:17, 20 November 2018 (EST)
