[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Minutes of the August 7, 2009 XSPA Conference Call
Minutes of
the August 7, 2009 XSPA Conference Call 1. Roll Call
& Agenda Review Voting
Members: Anil Saldhana, Red Hat John Moehrke, GE Healthcare Tony Mallia, Richard Franck, IBM Mike Davis, Veterans Health Administration David Staggs, Veterans Health Administration Brian McClung, Jericho Systems Corp. Quorum attained. 2. Minutes
of July10, 2009 are approved unanimously. 3. Policy
scope. John Moehrke elaborated on the problem of knowing when all the
appropriate policies for an access control decision have been gathered. Mike raised
the example of policies that might depend on the type of organization involved
(e.g. Federal, HIPAA covered entity, etc.) making the request and where the
request originated (e.g. local privacy laws). David recalled John Tolbert had
proposed an approach for determining if export restrictions prevented release
of an item to a target jurisdiction. David will ask John for details. John Moehrke
was encouraged to discuss the issue with the XACML experts. 4: Consent
policy. Steven Meyer discussed the fundamental components of a consent policy
and whether we can define a set of cardinal policies for consumer preferences.
Richard pointed out the impact of jurisdiction, NHIN, the use of BPPC and defining
what is the relevant scope. All agree the ONC policy requires the individual
must make a separate policy selection in each organization receiving the data.
Consensus is a lot of work needs to be done here but would be an interesting
work item. TC charter may require amendment if the work is approved. 5. Follow-on
Discussion on comments from the Privacy Sub-team of the NHIN Specifications
Factory. 6. Monthly
meetings were approved through the remainder of the summer. Mike is
interested in continuing work on the WS-Trust profile. 8. Additional Discussion 9. Action Items David to contact John Tolbert and XACML on Policy Scope
Issue. Regards, David David Staggs, JD,
CISSP (SAIC) |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]