InterSystems Official
· Mar 1, 2022

Alert: HS2022-01: Multiple IRIS for Health & HealthShare Alerts

This post is part of the HealthShare HS2022-01 Alert communications process.  The same information is also distributed:

There are 22 alerts in the HealthShare HS2022-01 Alert communication.  The Alert Summary is in the table below, and the detail is contained in the attached document: HS2022-01-Communication

Alert Product & Versions Affected Risk Category
HS2022-01-01: Vaccination Dates Misrepresented in Some Circumstances

All versions of:

  • Information Exchange
  • Unified Care Record
  • Personal Community
  • HealthShare Health Connect
  • InterSystems IRIS for Health
Operational
Clinical Safety
HS2022-01-02: Invalid Handling of Multiple Reference Ranges in CDA and C-CDA Documents

All versions of:

  • Information Exchange
  • Unified Care Record (through 2021.1)
Clinical Safety
HS2022-01-03: Security Check for Emergency Access to Patient Records Fails to Occur in Some Situations

All versions of:

  • Information Exchange
  • Unified Care Record (through 2020.2)
 Privacy
HS2022-01-04: Security Vulnerability in Unified Care Record 2020.2.0

Unified Care Record:

  • 2020.2.0 (Build 8620)
Privacy
HS2022-01-05: Customers on Unified Care Record 2020.2 and 2021.1 Must Install a Patch Before Upgrading to a Later Version

Version 2020.2, 2021.1 of:

  • Unified Care Record
  • Clinical Viewer
  • Health Insight
  • Patient Index
  • Personal Community
  • Care Community

Version 2020.2, 2021.1, 2021.2, 2021.3 of:

  • Provider Directory
Operational
HS2022-01-06: Configuring the Classic Clinical Viewer Requires Outdated Third-Party Software

All versions of:

  • Unified Care Record (Classic Clinical Viewer only)
Security
HS2022-01-07: Users may not be able to Log Out of Clinical Viewer

All versions of:

  • Information Exchange
  • Unified Care Record (through 2020.2)
Privacy
HS2022-01-08: Access Gateway Aggregation Cache Grows over Time

Unified Care Record:

  • 2020.1, 2020.2, 2021.1, 2021.2
Operational
HS2022-01-09: Incompatibility in HL7toSDA3 Customizations when Upgrading from HealthShare 15.03 or earlier

Information Exchange:

  • 15.03 or earlier (when upgrading to Unified Care Record)
Not Rated
HS2022-01-10: IHE Endpoints should use Appropriate Credentials

All versions of:

  • Information Exchange
  • Unified Care Record
Security
HS2022-01-11: ODS Namespace Reactivation Can Result in Prolonged Downtime

Unified Care Record:

  • 2019.1, 2019.2
Operational
HS2022-01-12: Upgrade of ODS may Require Manual Intervention to Complete

Unified Care Record:

  • 2020.1 (when upgrading to version 2020.2)
Operational
HS2022-01-13: ODS Audit Data Inaccessible after Upgrade to Version 2020.1

Unified Care Record:

  • 2019.1 or 2019.2 (when upgrading to 2020.1)
Privacy
HS2022-01-14: System-wide and Facility-level Clinical Consent Policies Ignore Event Dates

All versions of:

  • Information Exchange
  • Unified Care Record (through 2021.1)
Privacy
HS2022-01-15: FHIR Requests Not Being Evaluated Properly for Consent

Unified Care Record:

  • 2020.1
Privacy
HS2022-01-16: FHIR “$everything” Operation Can Return Unconsented Demographics

All versions of:

  • Information Exchange
  • Unified Care Record (through 2021.1)
Privacy
HS2022-01-17: FHIR Index Performance Issue Can Cause ODS Instability

Information Exchange:

  • 2018.1

Unified Care Record:

  • 2019.1, 2019.2
Operational
HS2022-01-18: Security Vulnerability in FHIR Gateway/FHIR Server

Unified Care Record:

  • 2021.1

InterSystems IRIS for Health:

  • 2021.1
Security
HS2022-01-19: FHIR Server Does Not Verify Token Revocation

Unified Care Record:

  • 2020.1, 2020.2, 2021.1

InterSystems IRIS for Health:

  • 2020.4, 2021.1

HealthShare Health Connect:

  • 2020.4, 2021.1
Security
HS2022-01-20: OAuth Token Scope Not Applied in FHIR Batch Transaction Bundles

InterSystems IRIS for Health:

  • 2021.1
Privacy
Security
Operational
HS2022-01-21: FHIR Server Interoperability REST Client does not Properly Clean Up Data

InterSystems IRIS for Health:

  • 2020.2, 2020.3

HealthShare Health Connect:

  • 2020.2, 2020.3
Operational
HS2022-01-22: Security Issue in Patient Index

All versions of:

  • Patient Index (through 2021.2)
Security

If you have any questions regarding this advisory, please contact support@intersystems.com, and reference “HealthShare Alert HS2022-01”.

Discussion (2)1
Log in or sign up to continue