HL7 wgm atlanta, Georgia, usa security wg agenda
Download 104.88 Kb.
|
- Navigate this page:
- Atlanta Security WGM Meetings
- Discussion about how to ballot the DS4P IG
HL7 WGM Atlanta May 2013 HL7 Security Workgroup Meeting Minutes HL7 WGM - Atlanta, Georgia, USA Security WG - AGENDAAttendees
May 6, 2013
Atlanta Security WGM MeetingsTuesday May 7, 2013 Tuesday Q1
Presiding chair: Mike Davis Agenda Approval
Mike walked the Security Work Group (SWG) the proposed agenda. Mike suggested spending some portion of Q1 discussing Doug Fridsma's announcement that ONC would transition the Data Segmentation for Privacy Implementation Guide (DS4P IG), which was developed by ONC Standards and Interoperability Framework, to the Security WG for balloting and maintenance.
SOA joint is cancelled and replaced by joint reconciliation with CBCC. Cochairs discussed the material to be presented at the Wednesday Q3-4 Educational Session, and the order of presentation.
Trish will be absent all day Thursday. John will be absent Thursday Q3-4.
SWG 3 year plan and WG health will be moved up to Monday Q1. A Joint with EHR/SOA/Security/FHIR has preempted Security Reconciliation Thursday Q2. Tentatively, Security Q3-4 will be cancelled.
Minute Approval
Discussion about how to ballot the DS4P IGSWG will handle the SOAP and DIRECT IGs and IHE will handle the REST IG to ensure that the IG is consistent with the IHE REST profile.
John suggested separating the content from the transport. Mike proposed that the DS4P IG be packaged with HCS. John raised alternative view about whether the DS4P IG be balloted separately. That would require a new scope statement, which might delay the September balloting.
Mike asked whether to bring the DS4P IG as an international or US standard. If the DS4P IG were international, then the current DS4P IGs would be a profile. After discussion, Mike concludes that the SWG should be balloted as US profile initially, and if the international community wants to create an international version, then the SWG can reconsider. Further discussion on the proposed approach to balloting the IGs with or without the HCS will be continued with CBCC. Trish stated that AU is not in a position to consider adopting the DS4P IG at this time.
Bernd reported on the progress on implementing the EU Directive. Hideyuki Miyohara stated that Japan would want to create its own framework. Hideyuki said that if Japan were to adopt a DS4P approach, it would not work on a profile of the DS4P because core parts of it would be replaced with Japan's workflows and Japanese clinical document standards.
Mike wants a new scope statement with multiple deliverables. The first deliverable would be the US realm DS4P, and then the other realms could create their own DS4P IG and ballot in their realm.
Presiding chair: Trish Williams
Trish led the SWG discussion of the WG 3-Year Plan, SWOT, and WG health. Two items of inactive balloting: The Security Risk Cookbook, which is on hold for TSC instructions on how to ballot. The Privacy and Authorization Vocabulary project scope has been completed under the second ballot of the RBAC catalogue in 2009. Action Items: John will ask Austin about how to ballot or whether to ballot the Risk Cookbook. Tuesday Q2
Presiding chair: Mike Davis
International and SDO representatives provided updates on security and privacy activities. Japanese activity
Hideyuki Miyohara presented the deck he presented to ONC, NIST and Kaiser Permanente about the Japanese Association of Healthcare Information Systems Industry (JAHIS), which is one of the Japanese SDOs. JAHIS is HL7 Japanese Realm, and has published many profiles using HL7 v2.5. John and Mike asked about the Japanese healthcare PKI. Every provider has a government issued JPKI from Japanese national Certificate Authority. Patients use at 3rd party PKI. Patient can choose the permission table in the PHR to allow a service provider to access the patient's PHR. Transport is a web service.
John asked about authorization. Hideyuki said they use the permission table in the PHR. John asked about use of OAUTH. Hideyuki noted that in the future, that the permission tables would be managed centrally so that any organization meeting the clearance would have access to the patient's PHR rather than having the patient directly involved in authorizing each service provider. John asked about digital signature types. Hideyuki stated that Japanese use all 3 types. John asked about whether partial digital signature, e.g., to decouple a portion of the payload from being bond to the attesting provider's digital signature if, for example, that provider is not the source of that portion of the payload.
HL7 Japan has developed a CDA for prescriptions rather than phone/fax. Japan requires prescriptions in a document form. Use has Patients prefer paper prescriptions. [Action Item - Hideyuki will send pdf of ppt week after the WGM]
Tricia and Daniel Henzi talked about AU PCEHR security topics and use of digital signature. Saudi Arabia
Lori reported on Saudi Arabia use of a national PKI, which is encouraged, but not mandated. It is not specific to healthcare. Providers and organizations will be issued PKI, but no plans for provisioning patients at this time. The Saudis are developing a provider registry and establishing professional roles. GE has the project management contract for the analytics and specification development
Lori reported on the ISO meeting in Mexico City for 4 days in mid-April. Lori presented WG4 Report to Plenary for Mexico.ppt describing the meeting activities. Tuesday Q3 - 4
Presiding chair: Mike Davis Mike added a time boxed review of the draft DS4P IG Project Scope statement. Edits were made in a revision that was distributed to the SWG. The proposal will continue to be refined during the Joint with CBCC Wednesday Q2. Tony Weida presented on the current status of the Security and Privacy Ontology ballot (SPO). SWG discussed the utility and expected benefits for SPO, including its use in a HL7 Common Terminology Service for authoring and adjudicating e.g., security policies, consent directive, and security labels. Tony proposed dispositions to John Moehrke's comments. Several of the comments had to do with the conformance statement. Objections to their prescriptiveness and scope were discussed and reconciled. Members of the SWG thanked John for his thorough ballot review and thoughtful comments, which stimulated new thinking on future direction of the SPO.
Wednesday May 8, 2013 Wednesday Q1
See EHR Minutes
See CBCC Minutes
Thursday May 9, 2013 Thursday Q1 – 2
<
Audio recording started: 11:58 AM Thursday, May 09, 2013 Presiding chair: Mike Davis
WG reviewed the agenda. A Joint EHR, SOA, and Security meeting for FHIR preempts the planned reconciliation in Q2. Key ballot commenters and cochairs will not be available for Q3 - 4. WG decided to cancel Q2 - 4 and to continue reconciliation on interim calls. See ballot spreadsheet Decisions outside of the spreadsheet:
CANCELED
CANCELED
| Page Directory: documentcenter -> public public -> North American Association of Central Cancer Registries, Inc public -> Atlanta wgm meeting Minutes Service-oriented Architecture Workgroup documentcenter -> Near East Side Area Roadmap – draft document (sans maps, photos, illustrations) 1/29/12 Contents Download 104.88 Kb. Share with your friends:
|
