[Openid-specs-heart] Draft HEART Meeting Notes 2016-11-21
Sarah Squire
sarah at engageidentity.com
Mon Nov 21 22:02:40 UTC 2016
Attending:
Debbie Bucci
Adrian Gropper
Cait Ryan
Celestin Bitjonck
Edmund Jay
Eve Maler
Glen Marshall
Jim Kragh
Justin Richer
Kenneth Salyards
Nancy Lush
Sarah Squire
Scott Shorter
Walter Kirk
Scott:
While we’re looking at things to restrict access to, maybe we should look
at demographic information.
Nancy:
There are lots that people will want to use, we just decided to pick a few
so we have something to talk about.
Debbie:
So, Eve, we tried to go through your infographic, but we weren’t getting
anywhere, so we tried to go to the text and start with a few resource sets
to think about - conditions, medications, allergies, and maybe all? Or
basic demographics?
Nancy:
Going back to purpose for a second, purpose is important, but I’m not sure
it’s a scope
Eve:
I’m glad we’re getting to the use cases. Technically, I would agree that
it’s probably not a scope. I would achieve it a different way. Think of the
scope as being the “what you want them to do” - the verb. Purpose would be
a claim, a promise, that Alice can require in her policies. This would be
conditions that Alice imposes.
Debbie:
Is this more of a promissory claim?
Eve:
Yes
Debbie:
So do we have any custom UMA scopes?
Eve:
We have read, write, and all. Anonymized data might be another.
Nancy:
It might be better to keep this simple to start with, and if we include a
scope that FHIR doesn’t support, that complicates things. Maybe we don’t
want to do that for our first pass through.
Debbie:
How do I differentiate between current medications, and all medications
ever?
Nancy:
You would use the “active” FHIR filter
Debbie:
Do we need anything more than read and write?
Eve:
We might not
Debbie:
Okay, let’s move onto claims.
Eve:
We want to make sure that these are well-known. Are people sharing with a
specific person? Or a fuzzy set?
Adrian:
The four that we used in HIE of One are:
Anyone signed in directly to this AS sees everything
Anyone signed in with mdNOSH sees these resources
Anyone that has a Google ID and NPI sees these resources
Anyone signed in via Google ID gets an email from me and can see emergency
information
Debbie:
Okay, I added NPI
Eve:
Those four options seem to ask a lot of Alice
Debbie:
So can we have some examples of sharing UX?
Eve:
So we’ve got a couple different ways to share. If Alice chooses to share
with someone, she can enter their identifier and then select which
information she wants to share.
Sarah Squire
Engage Identity
http://engageidentity.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20161121/f92a5093/attachment.html>
More information about the Openid-specs-heart
mailing list