FHIR Chat · SMART Ballot Reconciliation Call: 2017-12-14 · smart

Stream: smart

Topic: SMART Ballot Reconciliation Call: 2017-12-14

view this post on Zulip Josh Mandel (Dec 14 2017 at 20:01):

For today's 3p ET meeting we'll take notes here. Please feel free to join in the discussion. https://join.freeconferencecall.com/fhir (meeting ID: FHIR)

Key docs for our call: Ballot Themes List with prioritized issues in red at the bottom; and Ballot Summary Spreadsheet with full ballot comments + dispositions so far.

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:05):

Attendees: Josh Mandel, Dan Gottlieb, Debbie Bucci, Dylan Mahalingam, Isaac Vetter, Jeff Danford, Rob Scanlon, Eric Haas, Grahame Grieve

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:07):

Topic: Required launch parameters (187) - should launch context parameter be marked as required?

Insufficient support to move forward with this comment. To revisit.

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:12):

Topic: Don't execute your inputs as code (115)
Move: Eric Haas, second: Debbie;
Abstain: 0, Against: 0, For: 7
Pass

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:12):

Topic: More security considerations (30)

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:16):

Motion to defer creation of new section of SMART spec specific to security and privacy.

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:18):

Discussion:
Debbie: The specification does already recommend some security best practices.
Grahame: SMART's had a lot of security review, how about explaining this and inviting submitting information about identified security risks.

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:20):

Isaac: aren't security best practices and the process for submitting information about security risks two separate things?

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:21):

Abstain: 0, Against: 0, For: 7
PASS

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:24):

Topic: Never the right amount of HIPAA (136, 180) - two ballot comments: one saying that HIPAA shouldn't be mentioned because it's US-specific, the other commenting that HIPAA is so important that more information about SMART's compliance with it should be explained

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:24):

Eric: how about we just change the spec to say "such as HIPAA"

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:25):

Eric motions, Debbie seconds
Abstain: 0, Against: 0, For: 7
PASS

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:27):

Topic: High-level overview of OAuth (160) - SMART spec should clearly distinguish what's standard OAuth2 and what's specific to SMART

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:27):

Grahame: but, there are multiple, "typical" OAuth2 workflows.

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:30):

Grahame motions, Debbie seconds
Abstain: 0, Against: 0, For: 7
PASS

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:33):

Topic: Arranging Conformance + Core Set (161, 162) - http://www.hl7.org/fhir/smart-app-launch/conformance/ and http://www.hl7.org/fhir/smart-app-launch/capability-statement/ and http://www.hl7.org/fhir/smart-app-launch/conformance/core-set/ should be the same webpage

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:45):

Isaac: Aren't shorter pages better?
Josh: there is opportunity to improve organization and naming of the pages
Motion: have separate pages for (1) capabilities, (2) capability sets and (3) declaring conformance
Isaac moved, Eric seconded
Abstain: 0, Against: 0, For:7
PASS

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:46):

How much entropy? (167) - a UUID contains slightly fewer bits than the recommended number of bits of entropy

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:51):

Grahame motions, Eric seconds
6-0-0
PASS

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:53):

Topic: One more DSTU2/STU3 point (178) - how to handle different FHIR versions?
Motion: We should include text explaining "When using this spec with FHIR DSTU2, the CapabilityStatement is instead called ConformanceStatement."
Jeff Danford motions, Eric seconds

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:53):

7-0-0
PASS

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:54):

Topic: Clarify meaning of "read" and "write" in FHIR operation terms

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:55):

Josh: could we provide a mapping between read/write and SMART's vread, update, delete, etc ? https://www.hl7.org/fhir/http.html

view this post on Zulip Isaac Vetter (Dec 14 2017 at 20:55):

Grahame: what about operations?

view this post on Zulip Isaac Vetter (Dec 14 2017 at 21:01):

Grahame: does the OperationDefinition's idempotent element define this? Not entirely.

view this post on Zulip Isaac Vetter (Dec 14 2017 at 21:01):

Conversation on this topic to be continued.

Last updated: Apr 12 2022 at 19:14 UTC


An HL7 Website -