This session will focus on how to apply security and privacy to the health IT standards. It will cover the basics of security and privacy using real-world examples. The session will explain how each phase of design needs to consider risks to security and privacy to best design security and privacy in; and mechanisms for flowing risks down to the next phase of design. In addition, it will cover the security and privacy relevant standards that HL7 has to offer including: Role-Based-Access-Control Permissions, Security/Privacy ontology, ConfidentialityCode, CDA Consent Directive, Access Control Service, Audit Control Service, and others. These standards and services will be explained in the context of providing a secure and privacy protecting health IT environment.
First Quarter
- Cookbook for Security Considerations -- John Moehrke
- Tutorial Presentation on the Security Risk Assessment Cookbook Version 7.7
- Formal Security Cookbook Paper Version 2.41
- Do NOT use this tool :-)
Second Quarter
- HL7 Security and Privacy DAM and Ontology Bernd Blobel
- Security Access Control Mike Davis
- PASS—Privacy, Security and Access Services Don Jorgenson
- CDA Consent DSTU Trish Williams
The good news is that we had about 15 people for both quarters. We are planning the same thing for Phoenix in January. I need to adjust the agenda to make sure we cover everything as Don and Trish didn't get much time to cover their slides.
No comments:
Post a Comment