InterSystems Official
Mike Morrissey · Mar 1

Alert: HS2022-01: Multiple IRIS for Health & HealthShare Alerts

This post is part of the HealthShare HS2022-01 Alert communications process.  The same information is also distributed:

There are 22 alerts in the HealthShare HS2022-01 Alert communication.  The Alert Summary is in the table below, and the detail is contained in the attached document: HS2022-01-Communication

Alert Product & Versions Affected Risk Category
HS2022-01-01: Vaccination Dates Misrepresented in Some Circumstances

All versions of:

  • Information Exchange
  • Unified Care Record
  • Personal Community
  • HealthShare Health Connect
  • InterSystems IRIS for Health
Operational
Clinical Safety
HS2022-01-02: Invalid Handling of Multiple Reference Ranges in CDA and C-CDA Documents

All versions of:

  • Information Exchange
  • Unified Care Record (through 2021.1)
Clinical Safety
HS2022-01-03: Security Check for Emergency Access to Patient Records Fails to Occur in Some Situations

All versions of:

  • Information Exchange
  • Unified Care Record (through 2020.2)
 Privacy
HS2022-01-04: Security Vulnerability in Unified Care Record 2020.2.0

Unified Care Record:

  • 2020.2.0 (Build 8620)
Privacy
HS2022-01-05: Customers on Unified Care Record 2020.2 and 2021.1 Must Install a Patch Before Upgrading to a Later Version

Version 2020.2, 2021.1 of:

  • Unified Care Record
  • Clinical Viewer
  • Health Insight
  • Patient Index
  • Personal Community
  • Care Community

Version 2020.2, 2021.1, 2021.2, 2021.3 of:

  • Provider Directory
Operational
HS2022-01-06: Configuring the Classic Clinical Viewer Requires Outdated Third-Party Software

All versions of:

  • Unified Care Record (Classic Clinical Viewer only)
Security
HS2022-01-07: Users may not be able to Log Out of Clinical Viewer

All versions of:

  • Information Exchange
  • Unified Care Record (through 2020.2)
Privacy
HS2022-01-08: Access Gateway Aggregation Cache Grows over Time

Unified Care Record:

  • 2020.1, 2020.2, 2021.1, 2021.2
Operational
HS2022-01-09: Incompatibility in HL7toSDA3 Customizations when Upgrading from HealthShare 15.03 or earlier

Information Exchange:

  • 15.03 or earlier (when upgrading to Unified Care Record)
Not Rated
HS2022-01-10: IHE Endpoints should use Appropriate Credentials

All versions of:

  • Information Exchange
  • Unified Care Record
Security
HS2022-01-11: ODS Namespace Reactivation Can Result in Prolonged Downtime

Unified Care Record:

  • 2019.1, 2019.2
Operational
HS2022-01-12: Upgrade of ODS may Require Manual Intervention to Complete

Unified Care Record:

  • 2020.1 (when upgrading to version 2020.2)
Operational
HS2022-01-13: ODS Audit Data Inaccessible after Upgrade to Version 2020.1

Unified Care Record:

  • 2019.1 or 2019.2 (when upgrading to 2020.1)
Privacy
HS2022-01-14: System-wide and Facility-level Clinical Consent Policies Ignore Event Dates

All versions of:

  • Information Exchange
  • Unified Care Record (through 2021.1)
Privacy
HS2022-01-15: FHIR Requests Not Being Evaluated Properly for Consent

Unified Care Record:

  • 2020.1
Privacy
HS2022-01-16: FHIR “$everything” Operation Can Return Unconsented Demographics

All versions of:

  • Information Exchange
  • Unified Care Record (through 2021.1)
Privacy
HS2022-01-17: FHIR Index Performance Issue Can Cause ODS Instability

Information Exchange:

  • 2018.1

Unified Care Record:

  • 2019.1, 2019.2
Operational
HS2022-01-18: Security Vulnerability in FHIR Gateway/FHIR Server

Unified Care Record:

  • 2021.1

InterSystems IRIS for Health:

  • 2021.1
Security
HS2022-01-19: FHIR Server Does Not Verify Token Revocation

Unified Care Record:

  • 2020.1, 2020.2, 2021.1

InterSystems IRIS for Health:

  • 2020.4, 2021.1

HealthShare Health Connect:

  • 2020.4, 2021.1
Security
HS2022-01-20: OAuth Token Scope Not Applied in FHIR Batch Transaction Bundles

InterSystems IRIS for Health:

  • 2021.1
Privacy
Security
Operational
HS2022-01-21: FHIR Server Interoperability REST Client does not Properly Clean Up Data

InterSystems IRIS for Health:

  • 2020.2, 2020.3

HealthShare Health Connect:

  • 2020.2, 2020.3
Operational
HS2022-01-22: Security Issue in Patient Index

All versions of:

  • Patient Index (through 2021.2)
Security

If you have any questions regarding this advisory, please contact support@intersystems.com, and reference “HealthShare Alert HS2022-01”.

0
0 236
Discussion (2)2
Log in or sign up to continue

Somel of the links on this article are now 404 (file not found) since the Website update. Where did these documents end up?