OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

security-services message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Federal Register announcement of SAML standard in HC



Attached is a notice published in the Federal Register announcing the U.S. Secretary of Health and Human Services’ acceptance of Healthcare Information Technology Standards Panel (HITSP) Interoperability Specifications (IS).  


As described at the end of the notice, acceptance triggers legal obligations to use the standards cited by HITSP within certain U.S. Federal agencies and between those agencies and non-agencies. 


IS listed in the Notice require the use of HITSP/TP20 Access Control Transaction Package.  TP20 Table 2.3.2-1 cites standards required to implement TP20 and includes SAML Core v2.0 OASIS Standard; ITU-T X.1141.  


Once the XSPA profile of SAML becomes an OASIS standard, future Federal Registry notices are expected to trigger legal obligations to use it.  Thank you for your help in developing a profile that will standardize access control in the areas listed in the Notice:


IS01—Electronic Health Records Laboratory Results Reporting


IS03—Consumer Empowerment and Access to Clinical Information via Networks

IS04—Emergency Responder Electronic Health Record

IS05—Consumer Empowerment and Access to Clinical Information via Media



I have continued to reach out to others for technical review of the committee’s XSPA profile of SAML, since once accepted as a standard certain Federal agencies will have an obligation to follow it.  HITSP is very supportive of this effort and has voted to formally comment on OASIS XSPA profiles during the public comment period.   


The XSPA profile of SAML will be featured in the OASIS-HITSP Demonstration of TP20 at the HIMSS Showcase in early April.  I encourage you to publicize the event; this is a key activity in demonstrating to healthcare vendors and providers OASIS standards that meet the security and privacy needs of the industry.  There is still time to participate as we still have room in the featured “future directions” booth in the interoperability showcase for more participants.




David Staggs


David Staggs, JD, CISSP (SAIC)
Veterans Health Administration
Chief Health Informatics Office
Emerging Health Technologies
Office: 858 433 1473


Federal Register.pdf

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]