Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Agenda Overview
  • Minutes
  • FAIRness for FHIR
  • FHIR Security
  • FHIR DS4P IG - Ballot Reconciliation
  • Cross Paradigm US Security Labeling IG
  • HL7 Privacy and Security Information Model PSS
  • Infrastructure SD
  • Share with Protections White Paper Project
  • CARIN Blue Button Report Out
  • HL7 Policy Advisory Committee (PAC)
  • Chat notes

 Minutes Approval

Approve Meeting Minutes: 

2020-07-14 Security WG Agenda/Minutes

Motion to Approve  7/14/2020 WG call

Moved/Second: Beth / Suzanne

Vote - Approve/Abstain/Oppose :   8-0-0

(approved by consensus)

FAIRness for FHIR


Giorgio Cangioli - Presentation on the FAIRness for FHIR project proposal and why the Security WG may be interested in participating.

<add PPT> 

View file
nameFAIR4Health_at_HL7-Security-WG.pdf
height150

  • Findable Accessible Interoperable Reusable (FAIR) principles - first introduced in 2014 - https://www.go-fair.org/fair-principles/
  • requesting co-sponsorship assistance from Security WG; will bring up project at FHIR-Security Call (Monday); project is worth exploring
  • Note: Project has received funding from the EU Horizon 2020 research and innovation programme under grant agreement No. 824666
  • will discuss further at the FHIR Security Meeting
  • for more information please contact Giorgio Cangioli
https://www.go-fair.org/fair-principles/ 
FHIR Security

2020-07-20 FHIR-Security Meeting Agenda - no meeting this week


September WGM Prep

Planning is underway - See 202009 September WGM Prep

We need to decide how many sessions and time slots.

September Connectathon planning is also underway.

Instead of the usual request for meeting room space, this email is asking Co-Chairs to submit the days/times that they’ll meet based on 2-hour time slots via a Doodle Poll (https://www.doodle.com/poll/crgmir8dzh8x7f44).  The deadline to submit this information is Friday, August 7th.

Planning on hosting a Joint session? 
Joint meetings require a bit more planning. 

First, we want to be able to communicate the focus of joint meetings, so we’d like you to add the discussion topic to your Doodle entry as explained below.  Also, if possible, schedule them at 10am or 4pm ET.

The HOSTING Work Group Co-Chair(s) own the task of requesting the time in the Doodle poll.  Hence, the Co-Chairs of the HOST Work Group should reach out to the Co-Chairs of joining Work Group(s) and determine when they’ll all meet.  Once that’s determined, the Co-Chairs of the HOST Work Group will add a separate entry into the Doodle Poll FOR EACH UNIQUE JOINT MEETING that they’ll host, indicated the Work Groups that are joining and the focus of the joint meeting.

Example:

Vocab HOSTING: FHIR-I, MnM Topic: FHIR in the V3 World

Vocab HOSTING: SD WG Topic: UTG

Proposed 2 hour Sessions:

Opening Session - PM for international participation

Joint with CBCP Opening Session

FHIR Security Work Session

FHIR DS4P and Cross Paradigm US Regulatory Security Labeling IGs Review Session in preparation for early January Ballot

Share with Protection Ballot Outcome and Reconciliation Session

Privacy & Security Information Model Work Session in preparation for January Ballot

Housekeeping Session





FHIR DS4P IG

Review and approve FHIR DS4P IG Out-of-cycle ballot request for 10/20 opening date.

Review Reconciliation Spreadsheets and JIRA Ballot Recon

Missed approval of Reconciliation prior to July 5th Sept NIB due date Security WG Admin

Ballot results:

Quorum met - 107 voters, FHIR DS4P IG Ballot Passed

  • Affirmative - 26
  • Negative - 13
  • Abstain - 35

Negatives - missing definitions, which is the result of tooling errors we need to fix, and a general misunderstanding that the FHIR DS4P IG is the basis for profiles for policy specific security label IGs much like the CDA DS4P IG is.  Only the profiles are implementable.

https://www.hl7.org/documentcenter/public/wg/tsc/HL7%20May%202020%20Ballot%20Results.zip


 Spreadsheet Spreadsheet

 Spreadsheet

Upcoming deadlines:

  • NIB Deadline for submission - ???, 2020
  • FHIR IG must be substantively complete - ???, 2020
  • FHIR IG must be complete and handed over to sponsoring WG for QA review - ???
  • QA review cycle - ???
  • Content QA Change application - ???
  • Final content to Lynn for inclusion in Oct Out-of-cycle ballot ???
  • Submit Ballot Readiness Checklist - before ???

If you have any questions about these dates or the process, you can check out the FHIR IG Process Flow on Confluence

(https://confluence.hl7.org/display/FHIR/B+-+Content+Development+and+Submission)

TSC Approved FHIR DS4P IG Out-of-cycle ballot request "early January ballot" 

2020-07-20 TSC Agenda/Minutes



MOTION: Approval of Ballot Reconciliation comments:

#s 122-127 block vote (all are persuasive)

DoD disposition review



Cross-Paradigm US Regulatory Security Labeling IG

Kathleen - Review and approve Cross Paradigm US Regulatory Security Labeling IG Out-of-cycle ballot request and FHIR US Regulatory Security Labeling IG Out-of-cycle ballot request

FHIR US Regulatory Security Labels Continuous Build - No update in the build

GitHub repo for the source material:https://github.com/HL7/us-security-label-regs 

John and Mohammad are committers.

US Regulatory Security Label Example Sandbox

Security Labeling Parking Lot

US Regulatory Security Label examples were included in the FHIR DS4P IG.  These will be the starter set for the FHIR US Regulatory Security Label IG

TSC approved 2020-07-20 TSC Agenda/Minutes

Cross Paradigm US Regulatory Security Labeling IG Out-of-cycle ballot request and FHIR US Regulatory Security Labeling IG Out-of-cycle ballot request




Security and Privacy  Information LOGICAL Model (S&P DAM REFRESH) 

2020-07-08 Privacy and Security Model Report out - Mike Davis

Starting weekly calls 7/8 dedicated to development of the HL7 Privacy and Security Information Model

Wednesdays 1 - 2 ET http://www.hl7.org/concalls/CallDetails.aspx?concall=50666

HL7 Privacy and Security Information Model PSS

Information model update: The new information model will consolidate and harmonize security models across HL7 standards (Access Control, Audit, TF4FA etc.) and (incomplete) updates from FHIM (Consolidated unresolved models). Also included are direct mappings to Access Control, Audit and Authentication (e.g. Class models)  mapped to Access Control services.

ISD PPS approved 7/7

TSC PSS approval before August 23, 2020

ISD PPS approved 7/7




Infrastructure SD

Nothing to report.


Share with Protections White Paper Project

Walk through of Share with Protections White Paper; Please note new section added toward the end of the document. 

 NIB approved and submitted.

Motion to Approve SwP submission for Sept Ballot

2020-06-23 Minutes

Document
Presentation


CARIN Blue Button Report Out

Nothing to report.

Security is a cosponsor of CARIN Blue Button IG. Calls http://www.hl7.org/concalls/CallDetails.aspx?concall=48592 Monday Mar 2, 2020 - 02:30 PM (Eastern Time, GMT -05) https://leavittpartners.zoom.us/j/461256971 or Dial: 1 646 876 9923 // Meeting ID: 461 256 971


HL7 Policy Advisory Committee (PAC)


7/20 Meeting - Call for WG input to the ANSI AI Survey, which includes privacy, security, integrity and provenance/lifecycle questions.

ANSI Opens Survey: Standardization Empowering AI-enabled Systems in Health Care

The American National Standards Institute (ANSI) has released a survey on standardization empowering artificial intelligence (AI)-enabled systems in health care. ANSI seeks feedback from interested stakeholders on related standardization issues, solutions, efforts, and the role of standardization in the governance and regulation. Survey responses are requested by July 31, 2020 , and the ...

www.ansi.org


Notes from CHAT

Requesting review provide comment / recommend participants review the information (links below)

High Water Mark on Bundle - https://chat.fhir.org/#narrow/stream/179247-Security-and.20Privacy/topic/Meaning.20of.20Security.20Labels.20on.20Bundles

Consent - https://chat.fhir.org/#narrow/stream/179247-Security-and.20Privacy/topic/Consent.20IG.3F

Scopes for data access - https://chat.fhir.org/login/#narrow/stream/179175-argonaut/topic/Scopes.20for.20data.20access

DS4P IG - https://chat.fhir.org/#narrow/stream/179247-Security-and.20Privacy/topic/DS4P.20IG

Fine-grained Security Policies

Consent Provisions

 OCR ruling related to Cost for Right of Access

Grahame Provenance agent.type vs agent.role value sets and element semantics


Meeting Adjournment

No additional agenda items brought forward

Meeting adjourned at 1345 Arizona time

Meeting recording: 

...