[Openid-specs-heart] Draft HEART Meeting Notes 2016-11-21

Sarah Squire sarah at engageidentity.com
Mon Nov 21 22:02:40 UTC 2016 

Attending:

Debbie Bucci

Adrian Gropper

Cait Ryan

Celestin Bitjonck

Edmund Jay

Eve Maler

Glen Marshall

Jim Kragh

Justin Richer

Kenneth Salyards

Nancy Lush

Sarah Squire

Scott Shorter

Walter Kirk

Scott:

While we’re looking at things to restrict access to, maybe we should look
at demographic information.

Nancy:

There are lots that people will want to use, we just decided to pick a few
so we have something to talk about.

Debbie:

So, Eve, we tried to go through your infographic, but we weren’t getting
anywhere, so we tried to go to the text and start with a few resource sets
to think about - conditions, medications, allergies, and maybe all? Or
basic demographics?

Nancy:

Going back to purpose for a second, purpose is important, but I’m not sure
it’s a scope

Eve:

I’m glad we’re getting to the use cases. Technically, I would agree that
it’s probably not a scope. I would achieve it a different way. Think of the
scope as being the “what you want them to do” - the verb. Purpose would be
a claim, a promise, that Alice can require in her policies. This would be
conditions that Alice imposes.

Debbie:

Is this more of a promissory claim?

Eve:

Yes

Debbie:

So do we have any custom UMA scopes?

Eve:

We have read, write, and all. Anonymized data might be another.

Nancy:

It might be better to keep this simple to start with, and if we include a
scope that FHIR doesn’t support, that complicates things. Maybe we don’t
want to do that for our first pass through.

Debbie:

How do I differentiate between current medications, and all medications
ever?

Nancy:

You would use the “active” FHIR filter

Debbie:

Do we need anything more than read and write?

Eve:

We might not

Debbie:

Okay, let’s move onto claims.

Eve:

We want to make sure that these are well-known. Are people sharing with a
specific person? Or a fuzzy set?

Adrian:

The four that we used in HIE of One are:

Anyone signed in directly to this AS sees everything

Anyone signed in with mdNOSH sees these resources

Anyone that has a Google ID and NPI sees these resources

Anyone signed in via Google ID gets an email from me and can see emergency
information

Debbie:

Okay, I added NPI

Eve:

Those four options seem to ask a lot of Alice

Debbie:

So can we have some examples of sharing UX?

Eve:
So we’ve got a couple different ways to share. If Alice chooses to share
with someone, she can enter their identifier and then select which
information she wants to share.
Sarah Squire
Engage Identity
http://engageidentity.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20161121/f92a5093/attachment.html>

More information about the Openid-specs-heart mailing list