This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

Difference between revisions of "Security"

From HL7Wiki
Jump to navigation Jump to search
 
(395 intermediate revisions by 9 users not shown)
Line 1: Line 1:
 +
<div style="background-color: white; border: 1px solid red; margin: 4px; padding: 2px; font-weight: bold; text-align: center;">
 +
Current Content related to this page can be found on Confluence [https://confluence.hl7.org/display/SEC/Security+Work+Group Here]</div>
 +
 
{| {{table}}
 
{| {{table}}
 
{| border="10"
 
{| border="10"
| align="center" width="380pt" style="background:#f0f0f0;"|'''Leadership'''
+
| align="center" width="200pt" style="background:#f0f0f0;"|'''Leadership'''
| align="center" width="340pt" style="background:#f0f0f0;"|'''Governance'''
+
| align="center" width="200pt" style="background:#f0f0f0;"|'''Governance'''
| align="center" width="380pt" style="background:#f0f0f0;"|'''Weekly_Meeting_Information'''
+
| align="center" width="200pt" style="background:#f0f0f0;"|'''Weekly_Meeting_Information'''
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 9: Line 12:
 
[mailto:mense@technikum-wien.at Alexander Mense] - Program Director Information Management und IT-Security University of Applied Sciences Technikum Wien
 
[mailto:mense@technikum-wien.at Alexander Mense] - Program Director Information Management und IT-Security University of Applied Sciences Technikum Wien
  
[mailto:mike.davis@va.gov Mike Davis] - U.S. Department of Veterans Affairs
+
[mailto:kathleen_connor@comcast.net Kathleen Connor] - VHA Security Architecture – Framework Engineering (Book Zurman Inc.)
 +
 
 +
[mailto:JohnMoehrke@gmail.com John Moehrke] - By-Light Professional IT Services, Inc
  
[mailto:john.moehrke@med.ge.com John Moehrke] - GE Healthcare IT
+
[mailto:patricia.williams@flinders.edu.au Trish Williams PhD] - Flinders University 
  
[mailto:trish.williams@ecu.edu.au Trish Williams PhD] - Edith Cowan University & HL7 Australia   
+
[mailto:Christopher.Shawn2@va.gov Christopher Shawn] - VHA Security Architecture
  
 
||
 
||
Security Decision Making Processes
+
[http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20WG%20Administrative%20Documents/Security%20WG%20Mission%20and%20Charter/2017%20HL7%20Security%20WG%20Mission%20and%20Charter%20v4.doc Security Mission & Charter 2017]
 +
 
 +
[http://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20WG%20Administrative%20Documents/May%202017%20Madrid%20Admin/Security%20HL7%20WG%20DMP%20V6.0%202017.docx Security Decision Making Processes 2017]
  
Security Mission Statement
+
[http://www.hl7.org/documentcenter/public/wg/secure/HL7%20Security%20SWOT%20Sep%202016.doc SWOT Sep 2016]
  
Security SWOT
+
[[Security 3-Year Plan]]
  
[[Security 3-Year Plan]]
+
[http://www.hl7tsc.org/wiki/index.php?title=Foundation_%26_Technology_Steering_Division_Home Infrastructure Steering Division Home]
||
 
  
Weekly, '''Tuesday at 5 pm EST''' (2 pm PST)
+
[[Relevant HL7 Policies and Procedures]]
  
Conference Audio: '''770-657-9270,''' Access: '''845692''';
+
[https://confluence.hl7.org/display/SEC/Security+Work+Group Security Confluence]
 +
||
  
[https://meet.RTC.VA.GOV/suzanne.gonzales-webb/675VH9D9 On-Line Meeting Link]
+
Weekly, '''Tuesday at 3 pm EST''' (12 pm PST)
 +
Beginning March 28 -    [https://join.freeconferencecall.com/security36 Security WG FreeConference web meeting]
 +
* [https://www.freeconferencecall.com/join/security36 Online Meeting Link]
 +
* Dial-in Number: (515) 604-9567 Access Code: 880898
  
 +
Call Weekly Call Agenda Links below on this home page.
 +
''' ''Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes'' '''
 
|}
 
|}
  
  
==Weekly Meeting Information==
+
[[Category:Foundation_and_Technology_Steering_Division]]
+
[http://www.hl7tsc.org/wiki/index.php?title=Foundation_%26_Technology_Steering_Division_Home Foundation and Technology Steering Division Home Page]
** '''NEW:  Join online meeting:  https://meet.RTC.VA.GOV/suzanne.gonzales-webb/675VH9D9 '''
 
 
 
[[Category:Work_Group]]
 
[[Category:Work_Group]]
  
==Current Security Calendar==
+
==Security WGM Calendar and Minutes==
* Upcoming '''[[HL7 WGM MAY 2014 - Phoenix, Arizona USA Security WG]] - May 4-9, 2014 ''' ''DRAFT Agenda''
+
===January 2019 WGM San Antonio===
* [[HL7 WGM JAN 2014 - San Antonio, Texas USA Security WG]] - Agenda, January 19-25, 2014
+
* Confluence [https://confluence.hl7.org/pages/viewpage.action?pageId=39159947&src=contextnavpagetreemode January 2019 Security WGM Agenda/Minutes/Attendance] - DRAFT
 +
* Wiki [[January 2019 Security Working Group Meeting Agenda - San Antonio]] - DRAFT
  
==Security WG Weekly Meeting Minutes and Agenda==
+
====Previous WGM Links:====
  
* [[July 29, 2014 Security WG Conference Call]]
+
*[http://www.hl7.org/documentcenter/public_temp_F0279555-1C23-BA17-0C0C093F748E646F/schedules/balloting_schedule/January%202019%20Balloting%20Schedule.pdf January 2019 Balloting Schedule]
* [[July 22, 2014 Security WG Conference Call]]
+
*[[September 2018 Security Working Group Meeting Agenda - Baltimore]]
* [[July 15, 2014 Security WG Conference Call]]
+
*[[September 2018 Security Working Group Meeting Agenda- Baltimore (DRAFT)]]
* [[July 08, 2014 Security WG Conference Call]]
+
*[http://wiki.hl7.org/index.php?title=HL7_September_2018_WGM_MINUTES HL7 September 2018 WGM MINUTES - Baltimore final]
* July 01, 2014 Security WG Conference Call - CANCELLED (Due the USA holiday week and the World Cup match between Belgium and USA)
 
* [[June 24, 2014 Security WG Conference Call]]
 
* [[June 17, 2014 Security WG Conference Call]]
 
* [[June 10, 2014 Security WG Conference Call]]
 
* [[June 03, 2014 Security WG Conference Call]]
 
* [[May 27, 2014 Security WG Conference Call]]
 
* [[May 20, 2014 Security WG Conference Call]]
 
* May 13, 2015 Security WG Conference Call -
 
* May 6, 2015 Security WG Conference Call - no teleconference (WGM)
 
* [[April 29, 2015 Security WG Conference Call]]
 
* [[April 22, 2015 Security WG Conference Call]]
 
* [[April 15, 2015 Security WG Conference Call]]
 
* [[April 8, 2014 Security WG Conference Call]]
 
* [[April 1, 2014 Security WG Conference Call]]
 
* [[March 25, 2014 Security WG Conference Call]]
 
* [[March 18, 2014 Security WG Conference Call]]
 
* [[March 11, 2014 Security WG Conference Call]]
 
* [[March 4, 2014 Security WG Conference Call]]
 
* [[February 25, 2014 Security WG Conference Call]]
 
* [[February 18, 2014 Security WG Conference Call]]
 
* [[February 11, 2014 Security WG Conference Call]]
 
* [[February 04, 2014 Security WG Conference Call]]
 
* [[January 14, 2014 Security WG Conference Call]]
 
* [[January 07, 2014 Security WG Conference Call]]
 
''Meeting Agenda/Minutes held in 2013 moved to [[2013 Security Conference Call - ARCHIVE]]''
 
  
[[Security WG Meeting Minutes Template]]
+
===[[Security FHIR Connectathons]]===
  
===Upcoming WGM Agenda & Minutes===
+
==Security WG Weekly Meeting Minutes and Agenda==
  
 +
* [https://confluence.hl7.org/display/SEC/2019-01-08+Security+Meeting+Conference+Call+Agenda Security Conference Call, January 8, 2019] Meeting Agenda and Minutes are now located on Confluence!! 
 +
** Please do not forget to sign-up for a Confluence Account!!
 +
** Link to request an account for Jira/Confluence, https://confluence.hl7.org/#space-menu-link-content  If you have an account for other Work Groups, you do not need to request a new account.
  
 +
* Calls cancelled for holidays until January 8, 2019
 +
* [[December 11, 2018 Security Conference Call]]
 +
* [[December 4, 2018 Security Conference Call]]
 +
* [[November 27, 2018 Security Conference Call]]
 +
* [[November 20, 2018 Security Conference Call]]
 +
* [[November 13, 2018 Security Conference Call]]
 +
* [[November 6, 2018 Security Conference Call]]
 +
* [[October 30, 2018 Security Conference Call]]
 +
* [[October 23, 2018 Security Conference Call]]
 +
* [[October 16, 2018 Security Conference Call]]
 +
* Calls cancelled to prepare for, attend, and do follow up to September Baltimore WGM Sept 28 - October 5
 +
* [[September 18, 2018 Security Conference Call]]
 +
* [[September 11, 2018 Security Conference Call]]
 +
* [[September 4, 2018 Security Conference Call]]
 +
* [[August 28, 2018 Security Conference Call]]
 +
* [[August 21, 2018 Security Conference Call]]
 +
* [[August 14, 2018 Security Conference Call]]
 +
* [[August 07, 2018 Security Conference Call]]
  
===Past WGM Agenda & Minutes===
 
  
*[http://wiki.hl7.org/index.php?title=HL7_WGM_MAY_2014_-_Phoenix,_Arizona_USA_Security_WG HL7 May 2014 WGM Security WG Agenda]
+
*[[Security WG Meeting Minutes Template]]
**[http://gforge.hl7.org/gf/download/docmanfileversion/8209/11982/HL7%20May%202014%20Phoenix%20WGM%20Minutes.docx HL7 May 2014 Phoenix WGM Minutes]
 
* '''[[HL7 WGM JAN 2014 - San Antonio, Texas USA Security WG]] - Agenda, January 19-25, 2014
 
**[http://gforge.hl7.org/gf/download/docmanfileversion/7844/11457/HL7%20Security%20WGM%20Minutes%20San%20Antonio%20Jan%202014%20draft%203.docx HL7 Security WGM Minutes San Antonio Jan 2014]
 
  
===Security - Weekly Call Minutes ARCHIVE===
+
==[[Archive - Security WG WGM and Weekly Meeting Minutes and Agenda]]==
 +
===[http://wiki.hl7.org/index.php?title=HL7_FHIR_security_topics HL7 FHIR Security Calls]===
  
* '''2013 Meeting Minutes - [[2013 Security Conference Call - ARCHIVE]]''' to December 2013
+
=Security Project Space=
** '''[[HL7 WGM - Cambridge, Massachusetts USA Security WG]]''' - Agenda, September 22-27, 2013
+
=='''HL7 Security Review and Comment Topics'''==
**[http://gforge.hl7.org/gf/download/docmanfileversion/7733/11311/HL7%20Security%20WGM%20Minutes%20Cambridge%20Sept%202013.docx HL7 Security WGM Cambridge Minutes]
+
===[[GDPR (General Data Protection Regulation)]]===
** '''[[HL7 WGM - Atlanta, Georgia, USA Security WG - AGENDA]]''' May 5-10, 2013
+
===''[["Is Privacy Obsolete" Study Group Page"]]''===
***'''[http://gforge.hl7.org/gf/download/docmanfileversion/7352/10481/HL7SecurityWGMMinutesAtlantaMay2013.docx HL7 WGM - Atlanta May 2013, Security (approved)]
+
===[[HL7 Kantara and OASIS X-Paradigm Research by Mohammad Jafari]]===
** '''[http://gforge.hl7.org/gf/download/docmanfileversion/7331/10433/HL7SecurityWGMMinutesPhoenixJan2013.docx January 2013 Working Group Meeting Minutes - Phoenix, AZ USA]
+
Features papers and blogs were developed to encourage collaborative development across several standards supporting emerging healthcare privacy and security use cases.
*** January 15, 2013 Security Working Group Conference Call - meetings held F2F at WGM, Phoenix
+
===''[[ONC Interoperability Standards Advisory 2018 Review and Comment Page]]''===
 +
===''[[ONC Trusted Exchange Common Agreement Framework Comments Page]]''===
 +
*Links for ONC Trusted Exchange Common Agreement Kick Off
 +
**[https://www.healthit.gov/21st-century-cures-act-trusted-exchange-and-common-agreement-tfca-kick-meeting-1 Presentation Recordings]
 +
**[https://www.healthit.gov/sites/default/files/july24trustedexchangeframework.pdf ONC Trusted Exchange Common Agreement deck]
 +
*[https://oncprojectracking.healthit.gov/wiki/display/INTEROP/Common+Agreement+and+Exchange+Framework 21st Century Cures Act Trusted Exchange Framework and Common Agreement Public Comment Submission site]
 +
*Comments due Aug. 25
 +
===[[FHIR Bulk Data Transfer Privacy and Security Concerns]]===
 +
===[[FHIR Consumer Centered Data Exchange (CCDE) Connectathon]]===
 +
*[http://wiki.hl7.org/index.php?title=September_2018_Baltimore_CCDE_Connectathon_Track_4 201809 Integrated Care Plan, Clinical Decision Support and Consumer Mediated Exchange tracks]
 +
*[http://wiki.hl7.org/index.php?title=June_2018_MiHIN_Consumer_Mediated_Exchange_(CME)_Connectathon_Track_3 MIHIN June 2018 Consumer Mediated Exchange Connectathon Track 3]
 +
*[[January 2018 New Orleans CCDE Connectathon Track 2]]
 +
*[[September 2017 San Diego CCDE Connectathon Track 1]]
  
* '''2012 Meeting Minutes - [[2012 Security Conference Call - ARCHIVE]]'''
+
===[[HL7 Version 2 Privacy and Security]]===
** '''[http://http://gforge.hl7.org/gf/download/docmanfileversion/7184/10048/HL7SecurityWGMMinutesBaltimoreSept2012.htm/open September 2012 Working Group Meeting Minutes - Baltimore, MD USA]
 
** [http://www.hl7.org/events/wgm092012/ HL7 WGM - Baltimore, Maryland, USA | September 09-14, 2012] - Meeting Information
 
** '''[[HL7 WGM - Baltimore, Maryland, USA Security WG - AGENDA]]''' - approved
 
** '''[http://gforge.hl7.org/gf/download/docmanfileversion/6821/9381/HL7SecurityMinutesVancouver2012MayTW21-05-2012.doc May 2012 Working Group Meeting - Vancouver, BC Canada]
 
** '''[http://wiki.hl7.org/index.php?title=January_2012_Working_Group_Meeting_-_San_Antonio,_TX,_USA_-_Security_WG_Agenda January 2012 Working Group Meeting - San Antonio, Texas USA]'''
 
* '''2011 Meeting Minutes - [[2011 Security Conference Call - ARCHIVE]]'''
 
** September 2011 Working Group Meeting - San Diego, California USA
 
** [[May 2011 Working Group Meeting - Orlando, Florida USA, Security WG Agenda]] '''DRAFT'''
 
** [[January 2011 Working Group Meeting - Sydney, Australia]] AGENDA
 
* '''2010 Meeting Minutes - [[2010 Security Conference Call - ARCHIVE]]''' to October 2010
 
** [[October 2010 Working Group Meeting - Cambridge/Boston, Massachusetts USA, Security WG Agenda]]
 
** '''[http://wiki.hl7.org/index.php?title=May_2010_Security_Working_Group_Meeting_-_Rio_de_Janeiro May 2010 Working Group Meeting - Rio de Janeiro, Security WG Agenda]'''
 
* '''2009 Meeting Minutes - [[2009 Security Conference Call - ARCHIVE]]''' to December 2009
 
* '''2008 Meeting Minutes - [[2008 Security Conference Call - ARCHIVE]]'''
 
  
=Security Project Space=
+
=='''[[Archive of HL7 Security Review and Comment Topics]]'''==
 +
=='''Approved Security WG Projects'''==
 +
==[http://wiki.hl7.org/index.php?title=Privacy_and_Security_Framework_Architecture_(PSAF) Privacy and Security Framework Architecture (PSAF), ''' ''TF4FA Ballot Reconciliation''' '']==
 +
* latest [https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20SOA/PSAF/PSAF%20TF4FA%20May%202018/PSAF%20TF4FA%20May%202018%20Reconciliation/ballotcomments_V3_PSAF_R1_N1_2018MAY%20amalgamated.xls Ballot Reconciliation Sheet]
 +
* <<add link>> Ballot Document
 +
==[[PASS Healthcare Audit Services]] Project==
 +
* [<<add link>> Ballot Reconciliation Sheet]
 +
* <<add link>> Ballot Document
  
=='''Approved HL7 Projects'''==
+
===[http://wiki.hl7.org/index.php?title=HL7_FHIR_security_topics HL7 FHIR Security Topics (wiki page)]]===
===[[SSOA Privacy and Security Conceptual Information Model in FHIM]]===
+
===[[HL7 Patient Friendly Consent Directive Project]]===  
 
===[[Trust Label]]===
 
===[[Trust Label]]===
 
===[[Security Labeling Service Project|Security Labeling Service Project Wiki]]===
 
===[[Security Labeling Service Project|Security Labeling Service Project Wiki]]===
Line 125: Line 134:
 
===[[HL7 DS4P CBCC-Security WG Joint Project]]===
 
===[[HL7 DS4P CBCC-Security WG Joint Project]]===
  
* [http://hl7projects.hl7.nscee.edu/docman/view.php/52/49/RBAC%20Privacy%20and%20Authorization%20Terminology%20Project%20Scope%20Statement%20v0%202.doc RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc] joint with [[Community-Based Collaborative Care]]
+
*[http://hl7projects.hl7.nscee.edu/docman/view.php/52/49/RBAC%20Privacy%20and%20Authorization%20Terminology%20Project%20Scope%20Statement%20v0%202.doc RBAC Privacy and Authorization Terminology Project Scope Statement v0 2.doc] joint with [[Community-Based Collaborative Care]]
** [http://healthlevelseven.projectinsight.net/Content/Folders/FolderDisplay.aspx?Id=167add16c33a41968e70be6e22d8d807&ReturnUrl=/Content/Folders/FolderDisplay.aspx%3FId%3Dddbc44e93a52422089595248f65bc993%26ReturnUrl%3D%252fContent%252fFolders%252fFolderDisplay.aspx%253fId%253dddbc44e93a52422089595248f65bc993%2526ReturnUrl%253d%25252fContent%25252fFolders%25252fFolderDisplay.aspx%25253fId%25253dddbc44e93a52422089595248f65bc993%252526ReturnUrl%25253d%2525252fContent%2525252fFolders%2525252fFolderDisplay.aspx%252526_sx%25253d0%252526_sy%25253d0%2526_sx%253d0%2526_sy%253d0%26_sx%3D0%26_sy%3D0 Project Insight - Project Plan]
+
**[http://healthlevelseven.projectinsight.net/Content/Folders/FolderDisplay.aspx?Id=167add16c33a41968e70be6e22d8d807&ReturnUrl=/Content/Folders/FolderDisplay.aspx%3FId%3Dddbc44e93a52422089595248f65bc993%26ReturnUrl%3D%252fContent%252fFolders%252fFolderDisplay.aspx%253fId%253dddbc44e93a52422089595248f65bc993%2526ReturnUrl%253d%25252fContent%25252fFolders%25252fFolderDisplay.aspx%25253fId%25253dddbc44e93a52422089595248f65bc993%252526ReturnUrl%25253d%2525252fContent%2525252fFolders%2525252fFolderDisplay.aspx%252526_sx%25253d0%252526_sy%25253d0%2526_sx%253d0%2526_sy%253d0%26_sx%3D0%26_sy%3D0 Project Insight - Project Plan]
 
* [http://gforge.hl7.org/gf/project/cbcc/scmsvn/?action=browse&path=%2Ftrunk%2FCDA%2520Implementation%2520Guide%2Fdocs%2FCDAR2_CD_IG%2520_D2_2010MAY.pdf&view=log CDA R2 Implementation Guide for Privacy Consent Directives May 2010] joint with [[Community-Based Collaborative Care]]
 
* [http://gforge.hl7.org/gf/project/cbcc/scmsvn/?action=browse&path=%2Ftrunk%2FCDA%2520Implementation%2520Guide%2Fdocs%2FCDAR2_CD_IG%2520_D2_2010MAY.pdf&view=log CDA R2 Implementation Guide for Privacy Consent Directives May 2010] joint with [[Community-Based Collaborative Care]]
  
=='''Approved Security WG Projects'''==
+
 
===[[Way with Verbs: Operations Ontology Project]]===
+
===Joint Vocabulary Alignment Project===
 +
*[[Record Lifecycle, Security, Privacy, and Provenance Vocabulary Alignment]]
 +
*[[Way with Verbs: Operations Ontology Project]] (Deprecated)
 +
 
 +
==='''Joint Projects with ONC and Others'''===
 +
 
 +
==Updates to the FHIR Security Pages per ONC Precision Medicine Initiative and API Privacy and Security Considerations==
 +
*[https://www.healthit.gov/sites/default/files/privacy-security-api.pdf KEY PRIVACY AND SECURITY CONSIDERATIONS FOR HEALTHCARE APPLICATION PROGRAMMING INTERFACES (APIS)]
 +
*[https://beta.healthit.gov/ ONC Role in Precision Medicine Initiative (PMI)]
 +
*[https://beta.healthit.gov/topic/privacy-security-and-hipaa/health-it-privacy-and-security-resources-providers Health IT Privacy and Security Resources for Providers ]
 +
 
 +
===[[Consent on FHIR]]===
 +
Security WG members collaborating on [http://confluence.siframework.org/display/PATCH/The+Patient+Choice+Technical+Project+Homepage ONC Patient Choice Project] Mike Davis, Duane Decouteau,  Mohammad Jafari, and Tony Mallia participated in the ONC Patient Choice Basic Consent Pilots at the HL7 Connectathon. Presentations, demonstration, and other material available on this page.
 +
===[[HIMSS 2017 Patient Choice]]===
 +
Featuring FHIR Consent and Consent2Share with UMA and Smart on FHIR Authorization Servers, ONC Patient Choice pilots VA and MiHIN join SAMHSA to demonstrate how emerging technologies can protect sensitive patient health information in implementer friendly ways.  See this page for HIMSS collateral, vignette, and demonstration links.
 +
[[File:Patient_Choice_on_FHIR_Image.png|400px|thumb|right|HIMSS 2017 Patient Choice on FHIR]]
  
 
==Security Ballot Information==
 
==Security Ballot Information==
  
 
==Security Harmonization Information==
 
==Security Harmonization Information==
*[[July 2014 Harmonization Proposals]]
+
*[[July 2018 Harmonization Cycle]]
*[[March 2013 Harmonization Proposal]]
+
*[[Security Harmonization Archive]]
*[[November 2013 Harmonization Proposals]]
+
 
*[[July 2013 Harmonization Proposals]]
+
=='''[[HL7 Security Video Library]]'''==
 +
[[File:PoF_Icon.png|400px|thumb|right|Privacy on FHIR]]
 +
*[https://www.youtube.com/watch?v=Sj0ZOi1AxhY HL7 Cascading UMA OAuth video - Duane Decouteau]
 +
*[http://va.edmondsci.com:8080/ehtac/sof/ Privacy on FHIR HIMSS 2015 Security Labeling Demo]
 +
*[https://www.youtube.com/watch?v=SKHUdiLcC0w Security Labels for the FHIR Connectathon]
 +
* [https://www.youtube.com/watch?v=4lMG96nmWS0 HIMSS 2013 Interoperability Showcase Demonstrations (DS4P) Using Healthcare Security Labels - eHealth Exchange]
  
 
=='''[[HL7 Security Document Library]]'''==
 
=='''[[HL7 Security Document Library]]'''==
 +
*[http://www.hl7.org/search/viewSearchResult.cfm?search_id=393442&search_result_url=%2Fdocumentcenter%2Fpublic%2Fwg%2Fsecure%2FHL7%20Emergency%20Access%2Edoc Healthcare Requirements for Emergency Access by Mike Davis VA]
 +
*[[Bernd Blobel Presentations at 2017 Madrid WGM and other publications]]
 +
*[[HL7 Policy Advisory Committee: Security, Privacy, Trust, and Provenance Considerations]]
 +
*[[Purpose of Use]]
 +
*[[International and National Security and Privacy Policy and SDO Reports]]
 +
*[[Privacy and Security, Big Data, Provenance and Privacy Reference Materials]]
 +
*[http://www.nist.gov/itl/csd/upload/nist_privacy_engr_objectives_risk_model_discussion_deck.pdf NIST Privacy Engineering Objectives and Risk Model - Discussion Deck Objective-Based Design for Improving Privacy in Information Systems]
 
*[http://wiki.hl7.org/index.php?title=HL7_Security_Document_Library Jan 2014 WGM Security Education Session Presentations]
 
*[http://wiki.hl7.org/index.php?title=HL7_Security_Document_Library Jan 2014 WGM Security Education Session Presentations]
 
*[http://www.hl7.org/Special/committees/secure/docs.cfm Security Educational Tutorial on Wed 26th Sept, 2013 at Cambridge, MA.]  
 
*[http://www.hl7.org/Special/committees/secure/docs.cfm Security Educational Tutorial on Wed 26th Sept, 2013 at Cambridge, MA.]  
 
* [http://wiki.hl7.org/index.php?title=HL7_Security_Document_Library Jan 2013 WGM Security Education Session presentations''']
 
* [http://wiki.hl7.org/index.php?title=HL7_Security_Document_Library Jan 2013 WGM Security Education Session presentations''']
* * [[Security and Privacy Tutorial 2012]]
+
* [[Security and Privacy Tutorial 2012]]
 +
* [[Security and Privacy mHealth]]
 
* [[HL7 Security and Privacy Requirements for CDA R3]]
 
* [[HL7 Security and Privacy Requirements for CDA R3]]
 
* [[Security & CBCC Work Group Response to Meaningful Use IFR]]
 
* [[Security & CBCC Work Group Response to Meaningful Use IFR]]
Line 152: Line 189:
 
* [[Cookbook for Security Considerations]] - Instructions for HL7 standards authors and workgroup members
 
* [[Cookbook for Security Considerations]] - Instructions for HL7 standards authors and workgroup members
 
*Security and Privacy Ontology Project - [http://wiki.hl7.org/index.php?title=Security_and_Privacy_Ontology#Draft_Ontology Weekly updates to the draft Security & Privacy Ontology]
 
*Security and Privacy Ontology Project - [http://wiki.hl7.org/index.php?title=Security_and_Privacy_Ontology#Draft_Ontology Weekly updates to the draft Security & Privacy Ontology]
 +
* [http://wiki.hl7.org/index.php?title=Role-Based_Access_Control_(RBAC)_Use_Cases RBAC Use Cases]
  
=='''[[HL7 Security Video Library]]'''==
+
=='''Security WG Reference Model Code'''==
*[https://www.youtube.com/watch?v=SKHUdiLcC0w Security Labels for the FHIR Connectathon]
+
* [https://github.com/ddecouteau/HIMSS2015PrivacyOnFHIR Developed Reference Model code for HIMSS 2015 Privacy on FHIR Demonstration - publicly available]
 
 
* [https://www.youtube.com/watch?v=4lMG96nmWS0 HIMSS 2013 Interoperability Showcase Demonstrations (DS4P) Using Healthcare Security Labels - eHealth Exchange]
 
  
 
=='''Action Item List'''==
 
=='''Action Item List'''==
  
 
===Tracking List===
 
===Tracking List===
 
*[[Security & Privacy DAM|Parking Lot for Recommended Security & Privacy DAM Changes]]
 
 
[[Category:Foundation_and_Technology_Steering_Division]]
 
[http://www.hl7tsc.org/wiki/index.php?title=Foundation_%26_Technology_Steering_Division_Home Foundation and Technology Steering Division Home Page]
 
[[Category:Work_Group]]
 

Latest revision as of 18:49, 26 April 2019

Current Content related to this page can be found on Confluence Here
Leadership Governance Weekly_Meeting_Information

Alexander Mense - Program Director Information Management und IT-Security University of Applied Sciences Technikum Wien

Kathleen Connor - VHA Security Architecture – Framework Engineering (Book Zurman Inc.)

John Moehrke - By-Light Professional IT Services, Inc

Trish Williams PhD - Flinders University

Christopher Shawn - VHA Security Architecture

Security Mission & Charter 2017

Security Decision Making Processes 2017

SWOT Sep 2016

Security 3-Year Plan

Infrastructure Steering Division Home

Relevant HL7 Policies and Procedures

Security Confluence

Weekly, Tuesday at 3 pm EST (12 pm PST) Beginning March 28 - Security WG FreeConference web meeting

Call Weekly Call Agenda Links below on this home page. Please be aware that teleconference meetings are recorded to assist with creating the meeting minutes

Foundation and Technology Steering Division Home Page

Contents

Security WGM Calendar and Minutes

January 2019 WGM San Antonio

Previous WGM Links:

Security FHIR Connectathons

Security WG Weekly Meeting Minutes and Agenda


Archive - Security WG WGM and Weekly Meeting Minutes and Agenda

HL7 FHIR Security Calls

Security Project Space

HL7 Security Review and Comment Topics

GDPR (General Data Protection Regulation)

"Is Privacy Obsolete" Study Group Page"

HL7 Kantara and OASIS X-Paradigm Research by Mohammad Jafari

Features papers and blogs were developed to encourage collaborative development across several standards supporting emerging healthcare privacy and security use cases.

ONC Interoperability Standards Advisory 2018 Review and Comment Page

ONC Trusted Exchange Common Agreement Framework Comments Page

FHIR Bulk Data Transfer Privacy and Security Concerns

FHIR Consumer Centered Data Exchange (CCDE) Connectathon

HL7 Version 2 Privacy and Security

Archive of HL7 Security Review and Comment Topics

Approved Security WG Projects

Privacy and Security Framework Architecture (PSAF), TF4FA Ballot Reconciliation

PASS Healthcare Audit Services Project

  • [<<add link>> Ballot Reconciliation Sheet]
  • <<add link>> Ballot Document

HL7 FHIR Security Topics (wiki page)]

HL7 Patient Friendly Consent Directive Project

Trust Label

Security Labeling Service Project Wiki

Healthcare Privacy and Security Classification System

Security and Privacy Ontology Project Wiki

HL7 DS4P CBCC-Security WG Joint Project


Joint Vocabulary Alignment Project

Joint Projects with ONC and Others

Updates to the FHIR Security Pages per ONC Precision Medicine Initiative and API Privacy and Security Considerations

Consent on FHIR

Security WG members collaborating on ONC Patient Choice Project Mike Davis, Duane Decouteau, Mohammad Jafari, and Tony Mallia participated in the ONC Patient Choice Basic Consent Pilots at the HL7 Connectathon. Presentations, demonstration, and other material available on this page.

HIMSS 2017 Patient Choice

Featuring FHIR Consent and Consent2Share with UMA and Smart on FHIR Authorization Servers, ONC Patient Choice pilots VA and MiHIN join SAMHSA to demonstrate how emerging technologies can protect sensitive patient health information in implementer friendly ways. See this page for HIMSS collateral, vignette, and demonstration links.

HIMSS 2017 Patient Choice on FHIR

Security Ballot Information

Security Harmonization Information

HL7 Security Video Library

Privacy on FHIR

HL7 Security Document Library

Security WG Reference Model Code

Action Item List

Tracking List