https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-07-01
Minutes
Roll call
Quorum was NOT reached.
Approve minutes
- Approve minutes of:
  - UMA telecon 2021-06-10: https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-06-10
  - UMA telecon 2021-06-17: https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-06-17
  - UMA telecon 2021-06-24: https://kantarainitiative.org/confluence/display/uma/UMA+telecon+2021-06-24
Deferred
Relationship Manager - user stories
As RqP Bob (research), I want to be able to request access to a set of
Alice's resources (health information) directly from Alice's AS without
knowledge of their location (health record repositories), so that I don't
have to bother getting or caring about all the locations from Alice first
(since there is no direct relationship between Alice and the researcher).
A researcher may discover health records that have been authorized for them
to access, without needing a direct relationship with the RO. In this case,
Alice can mark her resources at the AS as being approved for someone with a
specific claim. This isn't a specific consent, i.e. to a specific RqP;
instead she's specifying the claims that the RqP must present (such as a
particular study, or researchers from specific IdPs). How she knows which
studies/research institutes are available would have to be part of the trust
ecosystem known to the AS. The AS can define the size of this ecosystem.
The rule at the AS: *"I Alice allow people with claim=researcher from
idp=[baylor, acme] to access these specific health resources=[A@RS1, B@RS2,
Immz@RS2]"*. The next component of this is how that Client/RqP can
understand the scheme/type of the resource being accessed. The Client
should be requesting and receiving resources that are useful to it and not
other ones (data minimization).
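
The rule quoted above, evaluated deny-by-default at the AS, as an added example that is not part of the original minutes. The claim name `role`, the per-resource scope names, and the assumption that the AS has already verified the RqP's claims are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    owner: str
    required_claims: dict    # claim name -> value the RqP must present
    trusted_idps: frozenset  # IdPs inside the AS's trust ecosystem
    resources: dict          # "resource@RS" -> scopes Alice allows


# Built from the rule in the minutes; scope names are assumptions.
ALICE_RULE = Rule(
    owner="alice",
    required_claims={"role": "researcher"},
    trusted_idps=frozenset({"baylor", "acme"}),
    resources={
        "A@RS1": {"observation.read"},
        "B@RS2": {"observation.read", "patient.read"},
        "Immz@RS2": {"immunization.read"},
    },
)


def evaluate(rule, claims, requested_scopes):
    """Return {resource: granted scopes} for an RqP that names no RS location.

    claims: claims about the RqP, assumed already verified by the AS.
    requested_scopes: scopes the Client says it can actually use.
    """
    # Deny unless the issuing IdP is part of the trust ecosystem.
    if claims.get("idp") not in rule.trusted_idps:
        return {}
    # Deny unless every claim Alice required is present with the right value.
    for name, value in rule.required_claims.items():
        if claims.get(name) != value:
            return {}
    # Data minimization: grant only scopes both allowed and requested,
    # and omit resources where nothing overlaps.
    grants = {}
    for resource, allowed in rule.resources.items():
        scopes = allowed & set(requested_scopes)
        if scopes:
            grants[resource] = scopes
    return grants
```
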
This reflects the "three layers of interop": ecosystem, protocol, schema.
If 3/3 aren't there, things don't work...
How granular can these rules be (resource type, specific resource, resource
+ scopes)? "my health record = patient/*.*", "read my health record
*.read". FHIR has some ability to be queried in graph-y ways, however
usually it's very scope based. In SMARTonFHIR, the whole RS is the Resource
and you specify scopes for specific "patient.read observation.read ...";
then you can further apply confidentiality (conf/*) or sensitivity scopes
(sens/*), however those apply to the entire set of scopes.
In genetic disease, the gene has a list of many mutations that could be
queried, relevant to specific conditions. Or the entire gene, or types of
how that gene is captured (microarray, single cell experiment). Another
example where the Client/RqP's ability to understand and use the data should
be assessed before giving access to the data. They might only need to know
if there is a specific mutation, not the whole sequence. Or a set of genes
relevant to breast cancer. There is a need to understand the purpose before
giving more holistic information; it depends on the person who is
investigating.
Is the gene the resource? Resource=(gene), scopes=(diseaseA, diseaseB,
phenotypeD, specific-featureC, single-cell-experiment). The Client/RqP can
be filtered against the available gene resources based on those scopes.
There are vocabularies that are standardized through industry that would
help create this language to drive interoperability (the schema level
interop).
What audit capabilities would Alice have to see who/what institutes
actually access her information? The AS should be able to provide this, and
the RS would be able to provide even more specificity. Alice must be able
to understand up front what level of audit she will receive. There is a
dichotomy of behaviour: a) people who won't check and b) people who will and
take action on this information. *ANCR intersection:* when the Client is
granted access, lodge a consent receipt for Alice's records? This CR can be
pushed as a claim (JSON) for Alice to understand how the Client will treat
her data, who to contact, etc.
Alice is delegating some interrogation of Clients to the AS; the blanket
consent statement can't consider all Client terms (since Alice isn't
present at that time),
There is a need for Bob to know the AS from which to request access.
As RqP Bob (financial advisor), I want to be able to request access to a set
of Alice's resources (pension information) directly from Alice's AS without
knowledge of their location (specific pension providers), so that I don't
have to bother getting or caring about all the locations from Alice first
(since this is cumbersome to Alice and the Advisor).
The rule at the AS *"I Alice allow people with claim=advisor,
myadvisor@advisingcompany.com