Skip to end of metadata
Go to start of metadata




Chair:  @ Dave Pyke

Scribe: @Suzanne Gonzales-Webb

Attendees

Present

Name

Affiliation


xNameAffiliation
xSRS
xVA (Book Zurman)
x

David Pyke  Co-Chair

Ready Computing

@Jim Kretz Co-Chair SAMHSA 

John Davis  aka Mike Davis

VA
xKathleen ConnorVA (Book Zurman)

Georgia Tech

Chris ShawnVA
xCarradora

VA (Electrosoft)

Iris Health Solutions

@David Staggs

Book Zurman
xAltarum

@Francisco JaureguiVA (Electrosoft)
xGreg WhiteSRS

@Pele Yu pele.yu@archildrens.org Children's Hospital
xByLight

@Dave Silver

dave.silver@electrosoft-inc.com

VA (Electrosoft)

@Amber PatelSRS
xSSA (Aegis)

Beth Pumo  Kaiser

 @Laura Bright laurabright4@gmail.com 

Altarum 

@Forrest White forrest.white@altarum.org

Altarum

Jamie Parker   Carradora

 @Matt Lord mrlord@mdixinc.comMDIX Inc

@Hanna Galvin hannah.galvin@lahey.org 




Create Decision from template


Agenda Topics

Agenda Item

Meeting Minutes from Discussion

Decision Link(if not child)
Minutes Approval

2019-06-11 CBCP Meeting Agenda/Minutes (Copy)

VOTE: (motion) : Suzanne / Craig

Abstain: none   / Opposed:  none /  Approve: 11

eLTSS Update Report Out

eLTSS bi-Monthly report out
June 13 - Thursday 12:30-1:30 ET ;  webinar hosted on eltss / artifacts on eltss

announcmenet that we will be participating in September Connectathon; materials are avaialbe online


Internal team is doing a reviewing (QA) of the changes of the IG based ont he ballot comments. there are some issues w the tooling and rendering of the tables.  Team is updating the mapping to reflect the ballot.  Uploading the spreadsheet/html of spreadsheet

  • in the publishing of the IG - 
  • Dave will have to expand his defintions to make it complete (some handholding with the constraints )
    • also updates to the publishers which breaks other things which has caused delays/breaks the build

CraigN - emergency back-up plan (gforge ticket); unsure how to finanlize - will be completed offline


TEFCA Comments (overview) - Kathleen (5 min)

HL7 Response Letter ONC 21st Century Cures Act v05.27.19 - (update) comments submitted

LINKS to Documents: https://confluence.hl7.org/pages/resumedraft.action?draftId=42994964&draftShareId=b2d7b264-aa23-45f6-8839-18c5ee243f1e&  



Link to latest DRAFT:  https://confluence.hl7.org/display/SEC/TEFCA+2+Security+CBCP+Comments 

 Response to HITAC - Mike 

Mike to present thoughts on a letter to ONC countering the HITAC DS4P opposition

Issue:  HITAC, which has great influence with ONC, recently Dropped Support for DS4P citing concerns. 

VHA has developed various white papers, HL7 Standards, HIMSS demos, VHA pilots around DS4P/Share with Protections topics (Mike's papers, Braithwaite position, VHA position on labels, SLS under Mission Act, etc.).  ONC TEFCA and 21st Century Cures NPRM extends support for security labeling.  Despite advances, healthcare use of data labeling is for all intents unused and unusable. 


What Mike is trying to do with Sharing with protections combines with DS4P; we perceived/developed DS4P but did not develop Share with Protections but both are needed to support 21st CURES

  • slide 1 - overview; implementing foundations....
  • slide 2 - 
  • slide 3 - result of not-sharing; 
  • slide 4 - ONC goes out and finds the 'breacher' and fines them, but the patient gets nothing out of it as we currently do not have a property model–its difficult to create a joint suite (ie needs to show harm...and which breach causes harm); notion is that we want to use labels as a means of attaching security attributes (we don't do that today).  patient consent is not authorization to declassify the information BUT TO Share the information.
  • slide 6 - in 2013 hsare with protections; shift the mind set about patient date to share, with protections rather than protect.'
  • slide 7 - DS4P plus share with protections  - here data is always share and originators classifications ' flows with the data'
  • slide 8 - highly sensitive info will continue to be protected after discloser in the same way it was originally
  • slide 9 - use case descriptions

Propose to attempt to comments to add singular requirement (see slide 10)

Review of paper (attached); discussion

  • suggest call / sub-working group documents - to 


add:HL7 response - (page 3) / from recording / kathleen @9:30

Does the information in the documents satisy the thoughts of each wg for DS4P with Sharing with Protectisons. 


Requirement is probably aready covered in the notes - with some revisions per kathleen /  kathleen ; we did not dispute the doc level only in TEFCA; because ONC certification proposal–we did talk about doing only document level only... note that this was only a glidepath–it has not been widely adopted which is different what we might have come up with and what mike is proposing at the granular level.  if I was working w mike on this... if the group agrees this needs to be said more strongly

mike did not bring up the levels of the labeling in this discussion; onc indicated that they had feedback who waned to do labeling; at doc, segment and entry level an dthey were predisposed to do that.  hl7 came back is brining forward the policy with what they want to implennt (mike wants them to say they fully support based on goals being presented)

suggestion: mike should 

mike proposes we adopt share w protections, insuring the reciptient honors and persists the labels …. and that we provide this document that establishes the fine grained requiremnts that outlines the high level scheme–conceptual level.

appears that this is a pliyc statement since you're not going to share with everyone... and that the default is to share everyng.. you're asking onc to share everything; asking to say onc shares with things they...

(asking onc to change laws)


*** set up a meeting for a dbcp/security to doa formal review of the doc; then we can decide what to do, create a formal motion; Mike tos end out meeting invites/time suggestions


 

Use-case of registering a Privacy Consent that authorizes a proxy - DPyke, JMoehrke

Survey sent for meeting times by David Pyke (restart FHIR Consent meetings)


Thursday 2PM ET - new meeting set up / BI_WEEKLY presening use cases, other material review  next; meeting on 7/4 (the US holiday)

went through a couple of comments; looking at the examples which have gotten stale and we are looking at them altogether

  1. move to be on separate pageitns 
  2. model has changed significantly; core of the resource; 
    1. not reflected in new models
  3. will most likely postpone the 7/4

 eLTSS Use Case - Craig (15-20 min)

Discussion:  Next steps for Connectathon track

  • Craig following up the state of Michigan regarding the details of the workflow (and what role they would likely play in it)
    • No presentation of changes to the workflow this week (expect in future)
    • Altarum will continue to work the details of the use case; massage use case

continuing to state of Michigan (not going quickly)

  • interest in participating in the connectation; there are other groups, states who are interested inparticipating
    • as part of the Connectathon; they are interested in the work-flow; would like to know if there are other
    • if there official paperwork to document, enter use cases for the Connectathon
      • is there anything we need to do?  
        • contact care-team coordinator; last round in May, sent use case to coordinator (Dave Carlson Dave.Carlson@bookzurman.com)



eLTSS FHIR IG Project - Becky, Johnathan

Reconciliation complete, no outstanding comments.  Updated build is on fhir.build.org 


CBCP FHIR Consent CPs-DavidPNo update
 Provenance DAM - Mike DavisNo update
 DS4P FHIR IG

updates, if time permits

PSS Approved 6/4/2019: FHIR Data Segmentation for Privacy (DS4P) Implementation Guide PSS

Discussion with infrastructure (Rob McClure) that there was international participation; updated PSS with Almerys company from France. Also Peter Liesdock / Netherlands who were providing use cases from GDPR;

CBCP is co-sponsors; nothing else is changed if you would like to take a look and vote

No changes in the scope; adding Almerys, their cybersecurity person and co-chair from FM, Benoit Schoeffler, Claudia Negri, Auerlie Bale (those were the only aditions;

Motion to approve PSS in its final form: (no further comments 

(Kathleen/Greg) abstain: none; opposed:none approve:

 September 2019 WGMQuick review; Kathleen, Suzanne to commiserate Security WG, CBCP WG Q3/Q4 and other joint sessions at a future date
July 2019 Harmonization Proposals - ApprovalHarmonization Proposals - review

LINK:  Harmonization Proposals

Kathleen / Greg

Abstain: none; oppose: none; approve: xx

Adjournment Meeting adjourned at 0957Arizona Time (Kathleen)Temporary Meeting Recording:  https://fccdl.in/SNQibOiFVi

Supporting Documents

Outline Reference

Supporting Document

Minute Approval


Action items Suzanne Gonzales-Webb