Chris, Thanks. Here's a quick overview ...
This document specifies an XML schema for a security audit message payload to meet healthcare application requirements. It was motivated by the healthcare privacy laws, e.g., HIPAA in the US. And it represents a consensus view of three key healthcare standards organizations: HL7, DICOM , and ASTM E31. Because of the array of possible transport mechanisms favored by SDOs, this document is purposely transport-neutral. Although this is an informative document, it is being used as the basis for a normative supplement (#95) now under review by DICOM. The supplement goes further and specifies RFC 3195 Cooked message format. HL7 may also incorporate this message into its normative work. Their favored application message transports are now ebXML and WSDL/SOAP, with specifications as draft standards for trial use. Additional work now underway by the Integrating the Healthcare Enterprise (IHE) initiative will provide an implementation specification, leading to a live multi-vendor integration test and demo at the HIMSS conference in February, 2005. The favored transport is RFC 3195 cooked format, but RFC 3164 is allowed. Best, Glen -----Original Message----- From: Chris Lonvick [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 27, 2004 8:45 AM To: Marshall Glen Subject: I-D ACTION:draft-marshall-security-audit-09.txt (fwd) Hi Glen, I've been watching you keep up this document. It looks like you're getting ready to submit it to the IESG. Please feel free to send a note to the syslog WG mailing list ([EMAIL PROTECTED]) if you'd like to offer it for review or discussion. Regards, Chris ---------- Forwarded message ---------- Date: Fri, 23 Apr 2004 15:36:24 -0400 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: I-D ACTION:draft-marshall-security-audit-09.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. Title : Security Audit and Access Accountability Message XML Data Definitions for Healthcare Applications Author(s) : G. Marshall Filename : draft-marshall-security-audit-09.txt Pages : 45 Date : 2004-4-23 This document defines the format of data to be collected, and minimum set of attributes that need to be captured, for security auditing in healthcare application systems. The format is defined as an XML schema, which is intended as a reference for healthcare standards developers and application designers. It consolidates several previous documents on security auditing of healthcare data. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-marshall-security-audit-09.txt To remove yourself from the I-D Announcement list, send a message to [EMAIL PROTECTED] with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-marshall-security-audit-09.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: [EMAIL PROTECTED] In the body type: "FILE /internet-drafts/draft-marshall-security-audit-09.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. ------------------------------------------------------------------------------- This message and any included attachments are from Siemens Medical Solutions USA, Inc. and are intended only for the addressee(s). The information contained herein may include trade secrets or privileged or otherwise confidential information. Unauthorized review, forwarding, printing, copying, distributing, or using such information is strictly prohibited and may be unlawful. If you received this message in error, or have reason to believe you are not authorized to receive it, please promptly delete this message and notify the sender by e-mail with a copy to [EMAIL PROTECTED] Thank you