Agenda

Tuesday, August 8 (EDT)

9:00 - 9:05 am

Welcome & Announcement from the Office of the National Coordinator for Health IT (ONC)

9:05 - 9:30 am

HHS Cybersecurity Priorities

Brian Mazanec and Syed Mohiuddin


9:30 - 10:15 am

FHIR Security Overview

Grahame Grieve


10:15 - 11:00 am

SMART on FHIR and SMART Health Links

Josh Mandel, MD


11:00 - 12:00 pm

Cybersecurity Roundtable: Impact to Consumers

Liz Turi (moderator), Kristen Valdes, Jan Oldenburg, Kathleen Connor


12:00 - 1:00 pm

Lunch

General Session

1:00 - 1:45 pm

TEFCA Security - Policy and Technical Requirements

Johnathan Coleman

1:45 - 2:30 pm

A Basic Overview of API Security and Test Tools

Matt Blackmon

2:30 - 3:15 pm

ONC Certified FHIR APIs: A Deep Dive into FHIR Security in the ONC Certification Program and Inferno Conformance Testing

Keith Carlson

3:15 - 4:00 pm

Cybersecurity Roundtable: Executive Perspective

Malikah Smith (moderator), Bezawit Sumner, Luis de Barros

Developer Track

1:00 - 2:00 pm

FHIR Security and Privacy for Developers

John Moehrke

2:00 - 3:00 pm

FHIR Security Capabilities

John Moehrke

3:00 - 4:00 pm

FHIR Security Practical Application

John Moehrke

4:00 - 4:15 pm

Wrap Up

Diego Kaminker

Wednesday, August 9

9:00 - 9:05 am

Welcome and Morning Announcements

Diego Kaminker


9:05 - 10:00 am

Building a Secure, Patient-Centered Ecosystem for FHIR APIs

Cooper Thompson and Danielle Friend


10:00 - 10:45 am

Data Segmentation for Privacy and Security Labeling

Mohammad Jafari


10:45 - 11:15 am

Who Should You Trust? Implementing Security at Scale for FHIR

Luis Maas


11:15 - 12:00 pm

Cybersecurity Roundtable: Tales from the Field - Hear from FHIR Implementers

Luis Maas (moderator), Dan Cinnamon, Jason Vogt, Joseph Shook, Tom Loomis


12:00 - 1:00 pm

Lunch

General Session

1:00 - 1:45 pm

Quantum Computing and Cybersecurity: A realistic perspective of progress, risks, solutions and opportunities for healthcare APIs

Eric Heflin

1:45 - 2:30 pm

The Problem with Consent: How to record, assert and evaluate: IHE Privacy Consents on FHIR

John Moehrke

2:30 - 3:15 pm

Audit Tracing in FHIR

Matt Jenks

3:15 - 4:15 pm

Interoperable Digital Identity and Patient Matching

Julie Maas and Ryan Howells

4:15 - 4:45 pm

De-identification of FHIR: Unlocking additional value and use cases

Bob Lou, MD

Developer Track

1:00 - 1:45 pm

UDAP Deep-Dive Session

Luis Maas

1:45 - 2:45 pm

UdapEd: Diagnostics tool showcasing the udap-dotnet open source reference implementation

Joe Shook

2:45 - 3:45 pm

A Mobile Application Dissection - FHIR API Security

Brett Stringham

3:45 - 4:45 pm

FHIR at Scale Taskforce (FAST) Access Control & Testing

Abigail Watson

4:45 - 5:00 pm

Wrap Up 

Daniel Vreeman