Minutes - Security WG 2023-03-22

From Health Level 7 Belgium Wiki
Revision as of 08:46, 22 March 2023 by KarlienErauw (talk | contribs)
Attendees
  • Anthony Maton
  • Bart Decuypere
  • Benny Verhamme
  • Brecht Van Vooren
  • Brian Thieren
  • Dominiek Leclerq
  • Elien De Koker
  • Félix De Tavernier
  • Filip Veldeman, BMIA
  • Jan Stinissen
  • José Costa Teixeira
  • Karlien Erauw
  • Nick Hermans
  • Philippe Baise
  • Steven Van den Berghe
  • Werner De Mulder
Excused/Not present
  • Cyprien Janssens
  • Didier Temans
  • Erwin Bellon
  • Isabelle Pollet
  • Jan Lenie
  • Jean-Michel Polfliet
  • Marco Busschots
  • Nick Hermans
Agenda
  • issue with incoming FHIR resource
  • data capabilities hospital projects
  • UUID
Minutes
  • Introduction of newcomer Filip Veldeman and the group
  • filip works toward semantic interoperability and on implementing a single
  • Filip aims to implement
  • CoZo: FHIR resource received from pharma softs
  • should URL be put in the resource
  • it is technically possible but not the best way to go
  • what type of coding is best to use the vendor number
  • Data capabilities projects call from FOD VG/SPF - deadline 17 April
  • projects on hospitals network level that look into structured data
  • linked to federated structured problem list within one hospital & sumehr so caresets & FHIR
  • there are different levels: hospital, hospital networks, hub/metahub level
  • there is ambition to do it on the top level in the right way ; what is the best way ? which people are needed to include ?
  • there is the need to be interoperable with the European level
  • maturity of FHIR resources is still quite low at European level, the data modelling part is mature though
  • identifier management
  • linked to referral project that will produce millions of prescriptions yearly
  • what if the request is being cancelled
  • FHIR allows multiple identifiers per resource, some can be temporary, a period of validity can be added
  • can the prescribing system use an identifier


Use cases for Permission and Consent and respective need for interoperability and computability: see document here

  • Steven has added 2 scenarios #6 and #7
  • should notes be an element or a resource to tag the resource or the element
  • is it an option so make slices in a care plan to put the HCP's notes or the patient's notes
  • using an hierarchy for care plans that consists of several elements is an option
  • we are looking at Inline Security Labels
  • is there a difference a private and a public annotation ? do we want to go towards attribute filtering access
  • proposal of next step: list up approaches and look at variants
  • how to tag the attributes
  • GDPR: purpose of use in a hospital ?
  • it is handled at legal level, they cannot share this by law
  • Please note that the next meeting is on Tuesday 17 April at 10AM (due to easter holidays)
Action items
  • Security controls: continue work on use cases for permission and consent
  • Position of HL7 Belgium on the FHIR R5 release (to cover the already upcoming questions from players and stakeholders in Belgium)
  • FHIR readiness of Belgian metahub-hub system: see preparation work
Next meeting
  • Tuesday 18 April at 10AM