Minutes - Security WG 2023-03-22

From Health Level 7 Belgium Wiki
Revision as of 08:08, 22 March 2023 by KarlienErauw (talk | contribs) (Created page with "===== Attendees ===== * Anthony Maton * Bart Decuypere * Brecht Van Vooren * Brian Thieren * Didier Temans * Dominiek Leclerq * Elien De Koker * Félix De Tavernier * Jan St...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Attendees
  • Anthony Maton
  • Bart Decuypere
  • Brecht Van Vooren
  • Brian Thieren
  • Didier Temans
  • Dominiek Leclerq
  • Elien De Koker
  • Félix De Tavernier
  • Jan Stinissen
  • Jean-Michel Polfliet
  • José Costa Teixeira
  • Karlien Erauw
  • Philippe Baise
  • Steven Van den Berghe
  • Werner De Mulder
Excused/Not present
  • Benny Verhamme
  • Cyprien Janssens
  • Erwin Bellon
  • Isabelle Pollet
  • Jan Lenie
  • Marco Busschots
  • Nick Hermans
Agenda
  • Security controls: continue work on use cases for permission and consent
  • Position of HL7 Belgium on the FHIR R5 release (to cover the already upcoming questions from players and stakeholders in Belgium)
  • FHIR readiness of Belgian metahub-hub system: see preparation work
Minutes

Use cases for Permission and Consent and respective need for interoperability and computability: see document here

  • Steven has added 2 scenarios #6 and #7
  • should notes be an element or a resource to tag the resource or the element
  • is it an option so make slices in a care plan to put the HCP's notes or the patient's notes
  • using an hierarchy for care plans that consists of several elements is an option
  • we are looking at Inline Security Labels
  • is there a difference a private and a public annotation ? do we want to go towards attribute filtering access
  • proposal of next step: list up approaches and look at variants
  • how to tag the attributes
  • GDPR: purpose of use in a hospital ?
  • it is handled at legal level, they cannot share this by law
  • traceability needs to be taken into account
  • Are there specific (legal) requirements that need to be taken into account
Action items
  • security controls: update document describing the current access matrix and the possible FHIR functionalities
  • prepare feedback on FHIR readiness hub/metahub system
Next meeting
  • Tuesday 18 April at 10AM