September 2016 Security Working Group Meeting - Baltimore Maryland USA
HL7 WGM Event BROCHURE Link
[On-Site Meeting Schedule & Hotel Guide
Minutes: September 2016 Baltimore WGM - Security
Back to Security Meetings
Day
|
Date
|
Qtr
|
Time
|
Event
|
Session Leader
|
Room
|
SUN |
SEP 18 |
Q1 |
9:00-10:30 |
. |
No Meeting |
.
|
|
|
Q2 |
11:00-12:30 |
. |
No Meeting |
.
|
|
|
Q3 |
1:45 -3:00 |
. |
No Meeting |
.
|
|
|
Q4 |
3:30 -5:00 |
. |
No Meeting |
.
|
MON |
SEP 19 |
Q1 |
9:00-10:30 |
. |
No Meeting |
.
|
|
|
Q2 |
11:00-12:30 |
. |
No Meeting |
.
|
|
|
Q3 |
1:45 -3:00
|
Joint CBCC - Security
|
CBCC |
Constellation F
|
|
|
Q4 |
3:30 -5:00
|
Joint with CBCC – New discussion items and projects
|
CBCC
|
Constellation F
|
TUE |
SEP 20 |
Q1 |
9:00-10:30
|
Opening Security WG Meeting
- Introductions
- Approval of agenda
- International Report outs
- ONC ISA Comments - Consider resending and requesting that ONC give rationale for what is or is not adopted. Forward to PAC for Board review.
- Liaison Reports: ISO, IHE, ONC (HEART)
- HL7 Project status and updates:
- Standards Privacy Impact Assessment (formerly: Privacy Impact Assessment and P&SbD)
- FHIR Security - AuditEvent, Provenance, Security Labels
- FHIR Consent Directive work (with CBCC)
- Trust Framework - plan for Q2 work session
- SOA Audit
|
Security
|
Columbia
|
|
|
Q2 |
11:00-12:30
|
Trust Framework Work Session
|
Security
|
Columbia
|
|
|
Q3 |
1:45-3:00
|
Security WG Project Meeting
|
Security
|
Columbia
|
|
|
Q4 |
3:30 -5:00
|
CBCC FHIR-I Joint on FHIR ConsentDirective
|
CBCC
|
Columbia
|
WED |
SEP 21 |
Q1 |
9:00-10:30
|
Joint w/ EHR, CBCC, FHIR, SOA, Security
- FHIR server with the capability to enforce patient consent via a third-party authorization server (UMA) as well as enforcing overarching organizational Security Labeling Service (SLS)/Privacy Protective Service (PPS) services. The server modifies and labels the outgoing bundles on a dynamic per-request basis based on applicable patient consents as well as the overarching SLS and PPS rules (including the high-watermark label on the bundle).
- Security WG FHIR STU3 Server http://mhs.edmondsci.com:8080/fhir-uma-client-demo/
- VA ONC Patient Choice Pilot FHIR Consent UMA Connectathon
|
Security
|
Constellation C
|
|
|
Q2 |
11:00-12:30
|
Joint w/ SOA
- Tentative Agenda Items:
- PASS Audit topics (joint w Security, CBCC, SOA)
- Privacy and Security Architecture Framework [PSAF] and SOA PASS Conceptual Models
|
SOA
|
Frederick
|
|
|
Q3 |
1:45 -3:00
|
Security WG Prep for THURs Q1 CBCC FHIR-I Joint
- Review of all FHIR Security and Consent related guidance to ensure alignment with Security and CBCC WG positions FHIR STU3 Security and Privacy Module as this material was not previously reviewed or approved by the WGs.
- FHIR Security Label Guidance - Align with HCS, co-occurrence constraint on Confidentiality, include trust and integrity security label vocabulary
- FHIR Privacy Impact and Security Risk Assessments
- For Infrastructure - e.g., versioning, updates, history and impact on persistence of security labels if required by policy
- By Resources - optional Privacy and Security Notes
|
Security
|
Room TBA
|
|
|
Q4 |
3:30 -5:00
|
Security WG Project Meeting
- Privacy and Security Architecture Framework [PSAF] update
- SOA Audit
- Discussion on Future work items
- Workgroup Health Update - cont. THU Q2
|
Security
|
Room TBA
|
THU |
SEP 22 |
Q1 |
9:00-10:00
|
Security Joint with FHIR-I
- Tentative Agenda Item
- FHIR Connectathon Privacy and Security testing scenarios
|
Security
|
Room TBA
|
|
|
Q2 |
11:00-12:30
|
Security WG Project Meeting
- Nov Harmonization Proposals
- New Obligation to render human readable notices, such as Part 2 Redisclosure w/o Consent Prohibition
- POU additions - HTEST, Research Consent POUs
- Research Consent Refrains, Obligations
|
Security
|
Room TBA
|
|
|
Q3 |
1:45 -3:00 |
|
.
|
|
|
Q4 |
3:30 -5:00 |
. |
No Meeting |
.
|
FRI |
SEP 23 |
Q1 |
9:00-10:30 |
. |
No Meeting |
.
|
|
|
Q2 |
11:00-12:30 |
. |
No Meeting |
.
|
|
|
Q3 |
1:45 -3:00 |
. |
No Meeting |
.
|
|
|
Q4 |
3:30 -5:00 |
. |
No Meeting |
|
Back to Security Wiki Meetings
Session Type: