This wiki has undergone a migration to Confluence found Here

Difference between revisions of "September 2018 Security Working Group Meeting Agenda- Baltimore (DRAFT)"

From HL7Wiki
Jump to navigation Jump to search
 
(15 intermediate revisions by 3 users not shown)
Line 4: Line 4:
 
[http://www.hl7.org/documentcenter/public_temp_215DAB26-1C23-BA17-0CA8357A9B96655F/brochures/wgm/HL7_WGM_20180731.pdf HL7 September 2018 Baltimore WGM Event BROCHURE Link]
 
[http://www.hl7.org/documentcenter/public_temp_215DAB26-1C23-BA17-0CA8357A9B96655F/brochures/wgm/HL7_WGM_20180731.pdf HL7 September 2018 Baltimore WGM Event BROCHURE Link]
  
*[<<link TBD)>> Baltimore WGM ]for meeting room information
+
*[https://eventmobi.com/swgm2018/agenda/337070 WGM Meeting list]
 +
 
 +
*[http://www.hl7.org/documentcenter/public_temp_DAD0B183-1C23-BA17-0C15AB73EBBACFBD/brochures/wgm/HL7_WGM_20180914.pdf  Baltimore WGM ]for meeting room information]
 +
 
 
*[http://wiki.hl7.org/index.php?title=January_2018_CBCP_Working_Group_Meeting_-_New_Orleans,_Louisiana,_USA CBCP WGM Agenda]
 
*[http://wiki.hl7.org/index.php?title=January_2018_CBCP_Working_Group_Meeting_-_New_Orleans,_Louisiana,_USA CBCP WGM Agenda]
  
[<<link TBD)>> HL7 Sept 2018 WGM Minutes]
+
*[http://wiki.hl7.org/index.php?title=HL7_WGM_MAY_2017_-_Madrid_Spain_Minutes HL7 May 2018 Cologne WGM Minutes]
 +
 
 +
*[https://gforge.hl7.org/gf/project/security/docman/HL7%20Security%20WG%20Administrative%20Documents/Security%20Admin%20WGM%20Minutes/HL7%20Sep%202018%20WGM%20Baltimore/Baltimore%20201809%20Security%20WG%20Attendees-1.xlsx Attendee Sign Up Sheet]
  
[wiki.hl7.org/index.php?title=FHIR_Connectathon_19 FHIR Connectathon]
+
*[http://wiki.hl7.org/index.php?title=FHIR_Connectathon_19 201809 FHIR Connectathon]
 +
 
 +
*[http://wiki.hl7.org/index.php?title=HL7_September_2018_WGM_MINUTES Draft Baltimore HL7 September 2018 Baltimore WGM Minutes]
  
 
[[Security|Back to Security Meetings]]
 
[[Security|Back to Security Meetings]]
Line 30: Line 37:
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
|SUN||SEP 30||Q1|| 9:00-10:30||.|||.||Room TBD
+
|SUN||SEP 30||Q1|| 9:00-10:30||.|||.||
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
| ||||Q2||11:00-12:30||||||Room TBD
+
| ||||Q2||11:00-12:30||||||
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 39: Line 46:
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
| ||||Q4||3:30-5:00||||||Room TBD
+
| ||||Q4||3:30-5:00||||||
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 52: Line 59:
 
* [http://wiki.hl7.org/index.php?title=September_2018_CBCC_Working_Group_Meeting_-_Baltimore,_Maryland_USA CBCP WGM Agenda]
 
* [http://wiki.hl7.org/index.php?title=September_2018_CBCC_Working_Group_Meeting_-_Baltimore,_Maryland_USA CBCP WGM Agenda]
 
||CBCP hosting Security
 
||CBCP hosting Security
||Room TBD
+
||Columbia
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 67: Line 74:
 
** PSAF Project Refresh, ''Trust Framework and S&P DAM'' - Next Steps overview - Mike Davis  
 
** PSAF Project Refresh, ''Trust Framework and S&P DAM'' - Next Steps overview - Mike Davis  
 
||Security
 
||Security
||Room
+
||Guest Romm 319
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 73: Line 80:
 
|Security Ballot Reconciliation
 
|Security Ballot Reconciliation
 
*TF4FA Volumes 1 & 2 Ballot Reconciliation
 
*TF4FA Volumes 1 & 2 Ballot Reconciliation
*PASS Audit Ballot Reconciliation
+
*Update of Volume 3 Draft - Mike Davis
 +
*PASS Audit Ballot Reconciliation - Update PASS Audit per ballot dispositions
  
 
  ||Security
 
  ||Security
||Room
+
||Frederick
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 87: Line 95:
 
#* ''Drill down of FHIR Security-Privacy activities''  
 
#* ''Drill down of FHIR Security-Privacy activities''  
 
||
 
||
||Room
+
||Columbia
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
 
| ||||Q4||3:30-5:00
 
| ||||Q4||3:30-5:00
||'''Security PSAF/TF4FA – Volume 3  Work Session'''
+
||'''Security Joint with CBCP
* Update of Volume 3 Draft - Mike Davis
+
* MiHIN's ONC Patient Granular Choice Pilot presentation - Shreya Patel
||||Room
+
* FHIR Consent and FHIR Contract Comparison proposed white paper
 +
||||Convay
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
Line 103: Line 112:
 
#S&P Considerations for FHIR - John Moehrke
 
#S&P Considerations for FHIR - John Moehrke
 
*Security rep to OO for [https://confluence.hl7.org/display/HL7/2-To-FHIR?flashId=-806589318 FHIR2V2 PSS] for security labels W Q1/Q4
 
*Security rep to OO for [https://confluence.hl7.org/display/HL7/2-To-FHIR?flashId=-806589318 FHIR2V2 PSS] for security labels W Q1/Q4
 +
*Security rep to PAC
 
||EHR hosting Security, CBCP, FHIR-I
 
||EHR hosting Security, CBCP, FHIR-I
||Room
+
||Constallation D
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
 
| ||||Q2||11:00-12:30
 
| ||||Q2||11:00-12:30
||GDPR Session
+
||'''Security '''
* GDPR Chat-a-thon Findings
+
* PSAF Project Refresh, ''Trust Framework and S&P DAM'' - (Information Model) Next Steps - Mike Davis (moved to another Q)
*[http://confluence.hl7.org/display/SEC/FHIR+-+GDPR GDPR White Paper]
+
||Security||NO ROOM ASSIGNED!!!
*[http://wiki.hl7.org/index.php?title=GDPR_(General_Data_Protection_Regulation) Security GDPR Wiki]
 
||Security||Room TBD
 
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
 
| ||||Q3||1:45-3:00
 
| ||||Q3||1:45-3:00
 
||'''Security WG - FHIR topics'''
 
||'''Security WG - FHIR topics'''
#S&P Considerations for FHIR
+
*S&P Considerations for FHIR
#Simplified view of the HCS
+
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=9167 9167] AuditEvent needs to make more obvious how to record a break-glass event (John Moehrke)
#http://wiki.hl7.org/index.php?title=HL7_FHIR_Security_2018-08-28#Current_Open_Issues_in_gForge
+
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=10343 10343] Three additional Signature.type codes (Kathleen Connor)
 +
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=11071 11071] Improve security label guidance (Kathleen Connor)
 +
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=12660 12660] HCS use clarification (John Moehrke)
 +
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=17192 17192] Verification of given resource without changing the content (Thomas Johansen)
 +
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=17299 17299] enhance current disclosure AuditEvent so that it explains what is being recorded and why (John Moehrke)
 +
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=17300 17300] Break-Glass description needs clarifications (John Moehrke)
 +
*[http://gforge.hl7.org/gf/project/fhir/tracker/?action=TrackerItemEdit&tracker_item_id=14678 14678] Implementation guide for signatures+-+2018-Jan Core+%231 (Brian Pech)
 
||Security hosting FHIR-I, CBCP
 
||Security hosting FHIR-I, CBCP
||Room
+
||Constellation C
 
|-valign="top"
 
|-valign="top"
 
| ||||Q4||3:30-5:00
 
| ||||Q4||3:30-5:00
||'''Security '''
+
||GDPR Session
Security hosting CBCP
+
* GDPR Chat-a-thon Findings
* PSAF Project Refresh, ''Trust Framework and S&P DAM'' - (Information Model) Next Steps - Mike Davis
+
*[http://confluence.hl7.org/display/SEC/FHIR+-+GDPR GDPR White Paper]
||Room TBD
+
*[http://wiki.hl7.org/index.php?title=GDPR_(General_Data_Protection_Regulation) Security GDPR Wiki]
 +
||Security hosting CBCP
 +
||Columbia
 
|-valign="top"
 
|-valign="top"
 
| THU||OCT 04||Q1||9:00-10:30
 
| THU||OCT 04||Q1||9:00-10:30
Line 139: Line 155:
 
* FHIR FMM advancement for Security and Privacy resources
 
* FHIR FMM advancement for Security and Privacy resources
 
||Security hosting CBCP, FHIR-I'''
 
||Security hosting CBCP, FHIR-I'''
||Room
+
||Constellation C
 
|-
 
|-
 
|-valign="top"
 
|-valign="top"
 
| ||||Q2||11:00-12:30
 
| ||||Q2||11:00-12:30
 
||'''Security WG Project Meeting'''
 
||'''Security WG Project Meeting'''
 +
* PSAF Project Refresh, ''Trust Framework and S&P DAM'' - (Information Model) Next Steps - Mike Davis
 
* Workgroup Health Update - Security needs to publish S&P DAM and align 3 Year Plan with Project Insight Security Projects.
 
* Workgroup Health Update - Security needs to publish S&P DAM and align 3 Year Plan with Project Insight Security Projects.
 
* [https://gforge.hl7.org/gf/download/frsrelease/1298/16852/InfrastructureSD-WorkGroupHealth_2018SepInterim.pdf Infrastructure Steering Division - September Interim Report]
 
* [https://gforge.hl7.org/gf/download/frsrelease/1298/16852/InfrastructureSD-WorkGroupHealth_2018SepInterim.pdf Infrastructure Steering Division - September Interim Report]
Line 153: Line 170:
  
 
||Security
 
||Security
||Room
+
||Constallation C
 
|-valign="top"
 
|-valign="top"
 
| ||||Q3||1:45-3:00||.||||.
 
| ||||Q3||1:45-3:00||.||||.

Latest revision as of 19:52, 3 October 2018

READY for Security AGENDA Items

Back to Security Meetings

HL7 September 2018 Baltimore WGM Event BROCHURE Link

Back to Security Meetings

AGENDA

valign="top"
Day Date Qtr Time Event Session Leader Room
SAT SEP 29 Q1 - Q4 9:00-5:00 . .
SUN SEP 30 Q1 9:00-10:30 . .
Q2 11:00-12:30
Q3 1:45-3:00 FHIR MG Room TBD
Q4 3:30-5:00
MON OCT 01 Q1 9:00-10:30 . No Meeting .
Q2 11:00-12:30 . No Meeting .
Q3 - Q4 1:45-5:00 Joint CBCP - Security CBCP hosting Security Columbia
TUE OCT 02 Q1 9:00-10:30 Opening Security WG Meeting
  • Introductions
  • Approval of agenda
  • International Report outs
  • Liaison Reports: ISO, IHE, ONC, OASIS
    • OASIS XSPA-SAML Update
  • FHIR Security Report out/S&P Considerations - John Moehrke
  • HL7 Project status and updates:
    • Is Privacy Obsolete Study Group (report out here and at joint EHR meeting and possibly FHIR group?) - Mike Davis
    • PSAF Project Refresh, Trust Framework and S&P DAM - Next Steps overview - Mike Davis
Security Guest Romm 319
Q2 11:00-12:30 Security Ballot Reconciliation
  • TF4FA Volumes 1 & 2 Ballot Reconciliation
  • Update of Volume 3 Draft - Mike Davis
  • PASS Audit Ballot Reconciliation - Update PASS Audit per ballot dispositions
Security Frederick
Q3 1:45-3:00 Joint CBCP, Hosting Security

Proposed Topics: HL7 Project status and updates:

  1. Trust (Luis Maas-if able to attend)
  2. FHIR-Security and Privacy Topic Overview/cont.(JohnM)
    • Future FHIR-Security and Privacy topics
    • Drill down of FHIR Security-Privacy activities
Columbia
Q4 3:30-5:00 Security Joint with CBCP
  • MiHIN's ONC Patient Granular Choice Pilot presentation - Shreya Patel
  • FHIR Consent and FHIR Contract Comparison proposed white paper
Convay
WED OCT 03 Q1 9:00-10:30 Joint w/ EHR, CBCP, FHIR, SOA, Security

In-depth discussion :

  1. TF4FA Vol. 3 Update - Mike Davis
  2. PSAF Project Update - Mike Davis
  3. S&P Considerations for FHIR - John Moehrke
  • Security rep to OO for FHIR2V2 PSS for security labels W Q1/Q4
  • Security rep to PAC
EHR hosting Security, CBCP, FHIR-I Constallation D
Q2 11:00-12:30 Security
  • PSAF Project Refresh, Trust Framework and S&P DAM - (Information Model) Next Steps - Mike Davis (moved to another Q)
Security NO ROOM ASSIGNED!!!
Q3 1:45-3:00 Security WG - FHIR topics
  • S&P Considerations for FHIR
  • 9167 AuditEvent needs to make more obvious how to record a break-glass event (John Moehrke)
  • 10343 Three additional Signature.type codes (Kathleen Connor)
  • 11071 Improve security label guidance (Kathleen Connor)
  • 12660 HCS use clarification (John Moehrke)
  • 17192 Verification of given resource without changing the content (Thomas Johansen)
  • 17299 enhance current disclosure AuditEvent so that it explains what is being recorded and why (John Moehrke)
  • 17300 Break-Glass description needs clarifications (John Moehrke)
  • 14678 Implementation guide for signatures+-+2018-Jan Core+%231 (Brian Pech)
Security hosting FHIR-I, CBCP Constellation C
Q4 3:30-5:00 GDPR Session Security hosting CBCP Columbia
THU OCT 04 Q1 9:00-10:30 Security hosting CBCP, FHIR-I Joint
  • FHIR Consent Resource - Discussion (CBCP-Security) see Wiki: HL7 FHIR Consent Directive Project
    • Contract vs Consent Issue Grahame, Lloyd
  • FHIR categorization by security/privacy considerations
    • can the FHIR tooling help build UI around categorization into various groups (public, business, personal, patient, other)
    • thus each page would have something at the top similar to 'compartment' with possibly multiple classifications
    • and each page 'might' have additional S&P considerations only where it is different than that classification
  • FHIR FMM advancement for Security and Privacy resources
Security hosting CBCP, FHIR-I Constellation C
Q2 11:00-12:30 Security WG Project Meeting



Security Constallation C
Q3 1:45-3:00 . .
Q4 3:30-5:00 . .
FRI OCT 05 Q1 9:00-10:30 . .
Q2 11:00-12:30 . .
Q3 1:45-3:00 . .
Q4 3:30-5:00 . .

Back to Security Wiki Meetings


Session Type:

Business Meeting
Technical Meeting
Ballot Reconciliation