All,

Thank you for allowing me to join and follow. I will mostly observe, but just in case I do comment, I wanted to introduce myself.

Brief Introduction: PhD Nursing Informatics Student - University of MN - focus consumer data sharing preferences and consumer mediated health data exchange.  I am also a nurse, policy expert in health data interoperability, previous state government employee for ONC activities & health policy and consultant for health reform activities associated with data sharing in the state of Minnesota. https://www.linkedin.com/pub/lisa-moon/47/b7/1a6

Thanks,

Lisa Moon
Principal Consultant
Advocate Consulting LLC
(c) 952-913-7263
lisa.moon@advocate-consulting.com


On Fri, Nov 6, 2015 at 11:09 AM, Eve Maler <eve@xmlgrrl.com> wrote:
  • Goal: start building a general "legal stack" for UMA-specific elements
  • Learn more of Andrew H’s use case details
  • Examine the sociotechnical norms for potentially useful concepts
  • AOB
Attending: Eve, John, Ann, Adrian, Andrew H, Jim, Jon, Mark, Nat, Sal

Andrew has sketched a model for resource set registration services. So far this is very informal, so we won’t be minuting it in detail.

What’s a better word/phrase for “community of interest”/CoI? Policymakers? Constituents?

He’s trying to capture “reliance” relationships, and obligations/commitments.

Adrian has concerns: Can we look at the simplest possible scenario and just map that? On the other hand, providing “legal resources” (akin to “developer resources”) for those who have constraints that require an UMA solution would be very valuable, because this is a real-world situation that we expect to be common.

The “Open Identity Trust Framework Model” white paper may be useful for background on generic trust frameworks. OITF was influenced by the Liberty Alliance work, and Andrew has contributed to TF work heavily over time.

Once you have the abstract model, then you can identify your specific “users” and “operators”.

So can we make progress on our goal, given Andrew’s input? We could work on outputs for his “C” elements, and a lot of the “B”. Jurisdiction clauses are something everyone needs. And if we pick a business environment (university, or health, or DIACC!), we know of typical clauses they’ll need. UMA-specific stuff may affect, all of the business, legal, and technical sections (portions of the stack). Standardizing these clauses is the benefit we’re aiming to supply.

Can we use the sociotechnical norms language? Eve suggests that the five norms are so clear, and clarifying, that they would be helpful for distinguishing the piece-parts of UMA flows that reflect different norms and developing model clauses for each of the B, L, and T layers that can focus on one type of norm at a time. John W thinks that there is relevance for consent receipts. Eve muses: Maybe Authorization could be for true consent receipts, and Commitment, Prohibition, Sanction, and Power could be for other types of transaction receipts? Powers could be conveyed to another party (such as durable medical power of attorney), and then there could be a flow chart after that where prohibitions and sanctions and such come into play.

Next steps:

  • Adrian is kindly running the next call. He will send out an agenda focusing on agency restatements.
  • After her vacation, Eve will work with John and Andrew (and maybe rope in Tim as well?) on recasting whatever old Binding Obligations are still useful into norms language, and try to bucket them into B/L/T clauses for putative sections of a “stack".


Eve Maler | cell +1 425.345.6756 | Skype: xmlgrrl | Twitter: @xmlgrrl | Calendar: xmlgrrl@gmail.com


_______________________________________________
WG-UMA mailing list
WG-UMA@kantarainitiative.org
http://kantarainitiative.org/mailman/listinfo/wg-uma