Minutes - Security WG 2023-03-08
From Health Level 7 Belgium Wiki
Attendees
- Anthony Maton
- Bart Decuypere
- Brecht Van Vooren
- Brian Thieren
- Didier Temans
- Dominiek Leclerq
- Elien De Koker
- Félix De Tavernier
- Jan Stinissen
- Jean-Michel Polfliet
- José Costa Teixeira
- Karlien Erauw
- Philippe Baise
- Steven Van den Berghe
- Werner De Mulder
Excused/Not present
- Benny Verhamme
- Cyprien Janssens
- Erwin Bellon
- Isabelle Pollet
- Jan Lenie
- Marco Busschots
- Nick Hermans
Agenda
- Security controls: continue work on use cases for permission and consent
- Position of HL7 Belgium on the FHIR R5 release (to cover the already upcoming questions from players and stakeholders in Belgium)
- FHIR readiness of Belgian metahub-hub system: see preparation work
Minutes
Use cases for Permission and Consent and respective need for interoperability and computability: see document here
- Steven has added 2 scenarios #6 and #7
- should notes be an element or a resource to tag the resource or the element
- is it an option so make slices in a care plan to put the HCP's notes or the patient's notes
- using an hierarchy for care plans that consists of several elements is an option
-
- we are looking at Inline Security Labels
-
- is there a difference a private and a public annotation ? do we want to go towards attribute filtering access
- proposal of next step: list up approaches and look at variants
- how to tag the attributes
- GDPR: purpose of use in a hospital ?
- it is handled at legal level, they cannot share this by law
- traceability needs to be taken into account
- Are there specific (legal) requirements that need to be taken into account
Action items
- security controls: update document describing the current access matrix and the possible FHIR functionalities
- prepare feedback on FHIR readiness hub/metahub system
Next meeting
- Wednesday 22 March at 9AM