Skip to end of metadata
Go to start of metadata

Chair:  John Moehrke

Scribe: John Moehrke  

Mondays at 12:00 pm Eastern Time -

NOTE: This attendance applies if you are present at the related meeting/call, regardless if you have signed a different attendance for your WG. 


Minutes Approved as Presented 2019-11-25 FHIR-Security Meeting Agenda

This is to approve minutes via general consent. "You have received the minutes. Are there any corrections to the minutes? (pause) Hearing none, if there are no objections, the minutes are approved as printed."

Agenda Topics

Agenda Outline

Agenda Item

Meeting Minutes from Discussion

Decision Link(if not child)
Management Minutes ApprovalMinutes approved
New projects?

Potential (but only if someone steps forward) new projects this committee could take on:

* Basic Provenance in FHIR
* AuditEvent supporting Patient Empowerment
* Additional guidance for the core security pages
Security around FHIR Subscription
Security around bulk-data access
Security around multi-organization interactions (e.g. HIE)
* App dynamic registration
* Updating of SMART-on-FHIR with next kind of use-case (tbd)
* Templating of IG to drive Security Considerations
* Templating of IG to drive consistent use of Provenance, AuditEvent, and Signatures
* Definition of a new Resource for Permission use-cases
* Creation of a library of security/privacy focused IG that can be included in 'other' IG as modular security solutions (similar to how SMART-on-FHIR is used today, but supporting other security models). This might be where the subscription, bulk-data, and multi-organization solutions are organized for easy use.  

didn't review
In ProcessSecurity Open Items – now in JIRA

FHIR-24908 - Where vocabulary and valuesets come from DICOM, they should be imported and used from DICOM – elimination of AuditEvent codeSystem duplicaitonwaiting on dicom

FHIR-24907 – Lifecycle event valueset should include HL7 lifecycle event vocabulary (ISO 10781) – bring in HL7 lifecycle event vocabularywaiting on iso

FHIR-24676 - PurposeOfUse vocabulary from ISO 14265 – bring in ISO vocabularywaiting on iso

FHIR-23712 - Getting issue details... STATUS  waiting on ISO

waiting on iso

FHIR-11071 - Getting issue details... STATUS  DS4P and CUI will be creating IG. This exercise will result in update of the FHIR core with informed instructions

moved to DS4P
Open Items

T Key Summary Assignee Reporter P Status Resolution Created Updated Due

John Moehrke changed the status to Triaged on FHIR-25180 - Add annotation extension to security labels with a resolution of 'Considered for Future Use'

John Moehrke changed the status to Triaged on FHIR-25217 - Add RelatedArtifact extension security label with a resolution of 'Considered for Future Use'

John Moehrke created a link from FHIR-23712 - Add additional codes to to Page (Confluence)

John Moehrke changed the status to Triaged on FHIR-23712 - Add additional codes to

 have to wait on HTA on this one to add ISO RLE codes but not sure what else needs doing.

John Moehrke changed the status to Waiting for Input on FHIR-23712 - Add additional codes to

John Moehrke changed the status to Resolved - change required on FHIR-19311 - Security Integrity tag for a Copy/Dup

John Moehrke changed the status to Triaged on FHIR-19311 - Security Integrity tag for a Copy/Dup with a resolution of 'Persuasive with Modification'

Luis discussion that the lack of the copy mark vocabulary does not mean that the data are original. That is the vocabulary value is available to be used for purpose. 

John Moehrke changed the status to Triaged on FHIR-19311 - Security Integrity tag for a Copy/Dup

SecurityPolicy valueset should include v3 act code PrivacyMark

FHIR BlockBlock vote preparation


FMMDefined plan to mature

Connectathon Update on Security at FHIR connectathon

SMARTdiscussion of next generation of SMART

Consent servicediscussion of next generation consent service

Management Next agenda

New Business

60 minutes

Supporting Documents

Outline Reference

Supporting Document

Minute Approval