/
2020-07-23 Meeting notes

2020-07-23 Meeting notes

Jul 23, 2020

Date

Jul 23, 2020

Attendees

  • @Martin Smith (Unlicensed)

  • @Former user (Deleted)

  • @Jim Kragh

  • @Former user (Deleted)

  • @Tom Jones

  • @Former user (Deleted)

  • @Colin Wallis (Unlicensed)

Goals

  • Per Agenda 

Discussion items

Time

Item

Who

Notes

Time

Item

Who

Notes

5 Min

Call to order and roll call

@Former user (Deleted)

  • Quorate

  • Recording!

5 Min

Approval of draft minutes of July 9, 2020

@Former user (Deleted)

  • Approved

10 mins

Noteworthy news and member activities, i.e. update from Colin on collaboration with other Kantara WGs and related non-Kantara initiatives; update from Barry on proposal for the Robert Wood Johnson Foundation (RWJ) National Health Identifier. 



@Colin Wallis (Unlicensed)

@colin – UMA Webinar last Tuesday. Well attended. Also, ONC SME work, with CS. Very active, diverse views. 

@Former user (Deleted) 1. Article on 22nd: "true interop may required national patient ID."  2. RWJ did not accept proposal. @Jim Kragh Can we get judges comments for lessons-learned? @Former user (Deleted) Will check.

15 mins

Continuation and progress on plans to use ID Proofing and Authentication moving toward "Authorization" Levels of Assurance, e.g. What level of authorization assurance does a relying party require to access or act upon health data in its variable levels of sensitivity?

Also: comments on her draft report on NIST, Mitre and HHS proofing evidence standards.

@Former user (Deleted)

@Jim Kragh – FIRE WG going for a grant in this area with ONC or other. 

@Former user (Deleted) --Discuss new paper (TK) on AuthN vs AuthZ. NIST doesn't have standard for AuthZ Assurance. Reviews authZ-type frameworks that might be applied to healthcare patient authZ. 

10 mins

Call for suggested KI comments to NIST on 800-63-4 (NIST deadline Aug 10) Any suggested comments from HIAWG ?

@Martin Smith (Unlicensed)

Not discussed, (Deadline approaching!)

5 mins

New/other business:

From Tom J: We tentatively approved (3 of 6 is not quorum) work on a specification for a Mobile Assurance Statement. This is to replace the reference to a "Software Statement" that is currently in the Distributed Assurance Specification. Feedback is appreciated. Vote at the next meeting.
https://kantarainitiative.org/confluence/display/WT/Draft+Recommendations?preview=/115803040/132513794/Mobile%20Assurance%20Specification%201_0_0%20draft%20200721.docx

The Open ID foundation is working to build a consensus with the Distributed Identity Foundation on a speclet/profile for a Self Issued Identifier. I am the editor for that effort which can be viewed here: (Comments on that to me or to the github repo.)
https://github.com/KantaraInitiative/DistributedAssurance/blob/master/OpenID%20Self%20Issued%20Identifier.md  



Not discussed (but referred to in discussion of other agenda items. )

5 mins

Action followups, next meeting date, and adjourn

@Former user (Deleted)

  • Aug 6 next HIAWG

Action items

@Former user (Deleted)to post new AuthN/AuthZ draft on HIAWG Page File List. ALL to provide comments there.
@Former user (Deleted) requests time next meeting to discuss his solution.
@Jim Kragh requests time next meeting to discuss building an initial authorization framework.
@Martin Smith (Unlicensed) reminds ALL to provide suggested comments (to Ken Dagg and/or the HIAWG List) for KI submission to NIST for revision of 800-63-3