HL7 Meeting Atlanta, GA September, 2009
HL7 Security Workgroup Meeting Minutes
Attendees
Name   E-mail   Tue Q1   Tue Q2   Tue Q3   Tue Q4   Thu Q1   Thu Q2   Thu Q3   Thu Q4
Alex Dejong   [email protected]   X
Andy Bond   [email protected]   X
Bernd Blobel   [email protected]   X X X X X
Bill Braithwaite   [email protected]   X X
David Staggs   [email protected]   X X X
Don Jorgenson   [email protected]   X
Glen Marshall   [email protected]   X X X X X X X
Harry Rhodes   [email protected]   X
Hideyuki Miyohara   [email protected]   X X X X X X X
John Moehrke   [email protected]   X X X X X X X
Lori Reed-Fourquet   [email protected]   X X X
Mike Davis   [email protected]   X X X X X X X
Ray Krasinski   [email protected]   X X X X
Richard Thorenson   [email protected]   X X
Steven Connolly   [email protected]   X X X X X
Steven Ward   [email protected]   X
Suzanne Gonzales-Webb   [email protected]   X X X X
Minutes
1. Introductions
2. Agenda approval
3. Reports from other security-relevant organizations’ activities
   ISO
      o Next ISO meeting @ Durham, NC
      o Audit trails for electronic health records. Revisions made. The revision broke desired continuity with RFC 3881. Sent to Joint CEN-ISO-HL7 committee for harmonization.
      o NWIP Classification of Data Purpose-of-use will be brought forth.
      o NWIP Security & Privacy requirements for compliance testing in EHR systems (part 2 is PP for small-scale EHRs)
      o TR Dynamic on-demand VPN for health information infrastructure
      o Guidelines on data protection to facilitate trans-border flows of health information updated
      o TS 13606-4 - EHRs Communication
      o TS 21547-1 and TR 21547-2 - Secure Archiving of EHRs. TS 21091 - Directory Services - going to full IS
   HITSP work done and under-way
      o Service Collaborations
      o Consumer Preferences
      o Common Data Transport
   ASTM
      o E1986 - coded values for role codes
      o Proposing E31.25 security joint with next HL7 meetings - suggest Friday 8am-noon
   OASIS
      o XSPA - profile of SAML, XACML, and WS-Trust plus HL7 RBAC and ASTM E1986 have reached technical committee approval and expect full standard by November 1. Probably will be incorporated into HITSP C19, TP20, TP30
   IHE
      o Change proposals to clear-up BPPC profile confusion
      o Add new Syslog protocol (RFC 5424, 5425, 5426), replacing UDP and deprecating RFC 3194.
      o Access control white paper
   Europe
      Slides presented by Bernd Blobel:
   Japan
      o Slides presented by Hideyuki Miyohara (not provided)
4. Project Review
   Project database clean-up
   Security Domain Analysis Model (DAM)
      o Approved by motion in joint meeting. Security to lead
      o Project plan to be submitted
      o Submitted to Steering Division, to be discussed on October 6 call.
      o Target is January 2010 DSTU ballot
      o Will utilize Tuesday 1pm-2pm t-con time
   Implementation guide for Composite Privacy Consent Directive
      o Approved by motion in joint meeting. CBCC to lead
      o Project plan to be submitted
      o Submitted to Steering Division, to be e-voted.
      o Target is January 2010 DSTU ballot
      o Will utilize Tuesday 1pm-2pm t-con time
   Risk Management Assessment update
      o Suzanne Gonzales-Webb owns this for the WG, working with Diana Medruga
      o Delayed until January 2010
      o Plan to conduct live class in January. No current plan to put it online, but it is possible after the tutorial is conducted a few times to mature it.
   New Proposals, including joint projects with other WGs
      o None known
5. Action Items
   Formal harmonization pathway with ISO/TC 215 WG4
      o Joint HL7-ISO-CEN (JIC) committee is the pathway.
      o Item closed for this WG.
   RBAC Tutorial
      o Owned by Mike Davis.
      o Has been on-hold pending RBAC ballot, which is now complete.
      o Will formalize as a project, at least to determine need, with objective of creating tutorial.
         - Motion: Project to create RBAC tutorial project [Davis, Braithwaite] vote: no 1, abstain 0, passed 10-1.
         - Motion: Project to create access control technical & management tutorial [Davis, Moehrke] Bernd is also an interested party. vote: unanimous (11)
   Digital Rights Management (DRM)
      o We have asked Kathleen Connor to participate in Security WG for this.
      o No action since September 2008.
      o No interest in this as a project at this time. Will include it on 3-year plan.
   Break Glass/Emergency Access
      o Owned by Mike Davis and John Moehrke.
      o Need to distinguish between “break glass” and “emergency access” concepts.
      o PASS already has use cases to cover this.
      o No need for project for the Security WG.
      o Item closed for this WG.
   HL7 Pseudonymization and Anonymization rules
      o Glen Marshall, Lori Fourquet, and John Moehrke own this.
      o Possible joint project with Structured Documents and/or InM and/or SOA. Need to follow-up with those WGs.
      o Will include it on 3-year plan.
   Digital Signatures
      o Glen Marshall owns this for the WG.
      o Motion to establish a digital signature project [Moehrke, Blobel] Investigate RIM digital signature elements and determine if HL7 Japan digital signature specification can be used as a basis to update the RIM. Vote: unanimous approval.
         - HL7 Japan CDA Document Digital Signature Standard
      o Glen will create project proposal and submit to WG for approval, then to SD.
   HL7 Harmonization of OASIS Profiles (SAML, XACML, WS-Trust)
      o This is satisfied by OASIS XSPA profile.
      o Item closed for this WG.
   Use ISO/TS 22600 (PMAC) for EHR privacy protections
      o Bernd Blobel owns this.
      o Possible new project for Security, possibly joint with CBCC and EHR, but no resources available to move forward.
      o Will add to 3-year plan.
   PCI Payment Card Industry
      o Not in HL7 scope
      o Item closed for this WG
   Security WG WIKI
      o We have this now.
      o Item closed for this WG
   HL7 security architectural model
      o Bernd Blobel owns this, as the WG modeling facilitator.
      o With SAEAF and PASS, do we need this as a distinct effort?
      o Will add to 3-year plan, as an item of interest. No deliverables defined.
   HL7-specific Security Messages
      o Discussion: No healthcare-specific need for normative work. We need to suppress duplication of cross-industry SDOs’ usable work in HL7 normative and informative work.
      o Will add to 3-year plan as an item *not* to do.
   Genomic Security
      o Pilot project for risk-assessment tool.
      o John Moehrke and Alan Hobbs own this.
      o There is no interest in the Clinical Genomics WG.
      o Will add to 3-year plan as an item of interest. No deliverables defined.
   Architecting Privacy
      o Motion: Create a project to develop a model for privacy architecture by design, proactively built-into systems so that privacy protections are engineered into the technology from the outset. [Davis, Blobel]. Vote: unanimous
      o Mike will create project proposal for WG approval, then bring to SD.
      o Mike will contact CBCC for possible joint project work.
   HL7 Ambassador
      o We view tutorials as our initial deliverable to this program. This is not a separate action item from those projects.
6. Charter and 3-year plan
   SWOT Analysis
      o Strengths
         - Subject matter expertise in HL7 Security WG
         - International nature of WG members
         - Cross-Membership in other SDOs.
      o Weaknesses
         - Availability of resources & time to perform work
         - Lack of direct participation by providers and consumers
      o Opportunities
         - Introduce SOA architecture concepts security and privacy (e.g., SAEAF Alfa project.)
         - Harmonize the existing work and promote greater collaboration among multiple SDOs
         - Apply Risk Management to standards development within HL7 projects
         - Provide education to HL7 WG and larger stakeholder community (e.g., HL7 Ambassador program)
         - Chronic disease Mgt: (Possible TBI opportunity with Allen Hobbs) Requires specific privacy. ?
         - Cross-SD coordination. We need to promote improvements in coordination. Owned by co-chairs, via attending SD meetings
      o Threats
         - Inappropriate incorporation of non-HL7 standards within HL7, e.g., digital signatures that do not implement policies nor mitigate well-defined threats.
         - Inappropriate definition of security protections without reference to industry standards, policies, or threats.
         - HL7 tooling makes communication difficult and confusing.
      o Motion [Davis, Moehrke] to approve. Accepted, 1 abstention
   Charter revision
      o Motion [Davis, Moehrke] to approve. Accepted, 1 abstention
   3-Year Plan
      o Glen will merge projects, action items, and SWOT analysis with the charter to produce a draft 3-year plan, to be considered in a future teleconference meeting for formal adoption.
Adjourned until Thursday Q1
7. Ballot reconciliation
   Review of comments from Grahame Grieve
      o Motion to accept the resolutions [Marshall, Blobel]. Approved unanimously
   Review of Gunther Schadow’s comment:
      o Motion to accept this resolution [Marshall, Gonzales-Webb]. Approved unanimously
   Review of remaining comments
      o Motion to accept the resolutions [Marshall, Gonzales-Webb]. Approved unanimously
   Note: See ballot resolution documents for a complete record.
8. Coordination and joint meetings with other HL7 committees
   Privacy DAM DSTU (Joint project with CBCC)
      o 101 comments, mostly small changes.
      o Discussed some aspects of the comments. Asked for follow-up discussion in weekly Security-CBCC meeting.
   Joint meetings in January
      o CBCC Monday Q3-Q4
      o EHR Wednesday Q1
      o SOA Wednesday Q2
      o CCOW on Wednesday Q3
9. Next meeting
   Tuesday and Thursday
Adjourned Thursday, September 24, 3pm