Threat Models

From Direct Project
Jump to: navigation, search
The Security & Trust Workgroup has responsibility for creating threat models associated with the NHIN Direct specifications.

We have adopted a simple process to document and track threats, as described here: Threat Model Process


Workgroup members, please indicate your vote on this page.


VOTE ON XDR THREAT MODELS

Please review: Threat Model - Direct to and from XDR

  • Consensus Security and Trust WG Call for Consensus.
  • THIS VOTE IS NOW CLOSED. The threat model is accepted with 3 explicit YES votes, 0 NO votes, and the rest as silent assent.
  • We will now take all threat models to the wider Implementation Group for Consensus.
Organization
Agree
Notes
Allscripts


Axolotl


CareSpark/Anakam (HIE Tech)


Cautious Patient


Cerner


Clinical Groupware Collaborative


CSC


Epic


GE
Yes

Healthcare Information Xchange of NY


HLN Consulting


MedAllies


Medicity


Microsoft


Mirth Corporation


Misys Open Source Solutions


Oracle Health Sciences Global Strategies


RelayHealth


Siemens


Social Security Administration


Surescripts
Yes

VA


VisionShare
Yes



VOTE ON SMTP THREAT MODELS

THIS VOTE IS NOW CLOSED and the two threat models are accepted with 4 explicit YES votes, 0 NO votes, and the rest as silent assent. We will not take this vote to the full IG at this time for consensus -- instead, we will wait until the XDD threat model (TBD) obtains workgroup consensus and then take all the threat models to the IG as a package.
9/10/2010 - Call for workgroup consensus on the "Simple SMTP" and "SMTP with Full Service HISPs" models. As usual, if you vote NO, the expectation is that you will add comments to indicate what woudl be required to change your vote to YES. If you do not vote, that will be interpreted as assent. If you have participated in the workgroup and your organization was inadvertently left off of the list below, feel free to add a new row with your vote. Thank you!

Organization
Agree
Notes
Allscripts


Axolotl


CareSpark/Anakam (HIE Tech)


Cautious Patient


Cerner


Clinical Groupware Collaborative


CSC


Epic


GE
YES

Healthcare Information Xchange of NY


HLN Consulting


MedAllies


Medicity


Microsoft
YES

Mirth Corporation


Misys Open Source Solutions


Oracle Health Sciences Global Strategies


RelayHealth


Siemens
YES

Social Security Administration


SureScripts


VA


VisionShare
Yes