Skip to end of metadata
Go to start of metadata

Chair:  John Moehrke

Scribe: John Moehrke  

Mondays at 12:00 pm Eastern Time 

Zoom Client Download

Meeting ID: 675 407 5337

Phone Number: +1 929-436-2866
Participant Passcode: 675 407 5337

Zoom Tip Sheet


Minutes Approved as Presented 2020-07-27 FHIR-Security Meeting Agenda

This is to approve minutes via general consent. "You have received the minutes. Are there any corrections to the minutes? (pause) Hearing none, if there are no objections, the minutes are approved as printed."

Agenda Topics

Agenda Outline

Agenda Item

Meeting Minutes from Discussion

Decision Link(if not child)
Management Minutes Approvalapproved by general consent

New topic on Provenance.agent.type vs .role

Discussion uncover that there is a  need to clarify Provenance.agent.type from Provenance.agent.role.

This was done in  FHIR-28184 - Getting issue details... STATUS

  • Moved approval: Kathleen . Alex: 6-1-1

Also noted that the Provenance.agent.role (structural role) value-set should be trimmed down to just a few examples of good structural roles. All the values in there today are functional roles and are duplicates of the Provenance.agent.type

New CR was created  FHIR-28185 - Getting issue details... STATUS

  • Action Kathleen Connorto come up with some sample structural roles for consideration on this CR soon,.


ACTION: please review as the full codesystem for v3-ActCode seems excessive and inappropriate for provenance activity

FHIR Fine Grained Security beyond OAuth2 - led by Josh Mandel

  • Presentation decks available 


FAST - Luis Maas

FAST workgroup is looking to wrap up by this fall

Luis Maas will provide a link to their latest reports

ONC Tech Forum  - August 10-11 virtual event - 

Permission Resource is prototyped

FHIR Permission - for use-case submission and analysis

Jose added:

  1. Example: There is a policy somewhere that states e.g. "all primary teams may have access to the patient administrative and non-sensitive health data"
  2. Example 2: Access to clinical data by all Care team members.
    1. in Belgium the patient currently needs to allow the hospital to distribute the data. From this on, the hospital grants permission to the team members
  3. Need to refine who has access to the report for which purposes for how long. (what is "the report"? Only diagnosticReport? Or related Condition or treatment?)

FHIR IG Proposal for gov work (confluence and build shown in github readme) 


Confluence: FHIR DS4P IG

T Key Summary Assignee Reporter P Status Resolution Created Updated Due

nothing ready to discuss.

Kathleen Connor reports that all items by Nancy have been discussed in other meetings and noted agreement these will be withdrawn.

discussion of next generation of SMART

discussion document

In Process

FHIR-24908 - Getting issue details... STATUS

waiting on dicom – some movement as the DICOM codes are in theory in the terminology server – John Moehrketo attempt to use those codes and not self crafted codeSystem

FHIR-24907 - Getting issue details... STATUS

waiting on iso – some movement as ISO has not provided the document. BUT still not clear if licensing is clean. 

FHIR-24676 - Getting issue details... STATUS

waiting on M&M to give modeling guidance

Block Vote

Open Items

T Key Summary Assignee Reporter P Status Resolution Created Updated Due

FHIR BlockBlock vote preparation


FMMDefined plan to mature

Connectathon Update on Security at FHIR connectathon

Management Next agenda

New Business


55 minutes

Supporting Documents

Outline Reference

Supporting Document

Minute Approval