Alert: HS2022-01: Multiple IRIS for Health & HealthShare Alerts
This post is part of the HealthShare HS2022-01 Alert communications process. The same information is also distributed:
- By Email
- On the Product Alerts & Advisories page
- On the WRC Distribution Page InterSystems Documents
There are 22 alerts in the HealthShare HS2022-01 Alert communication. The Alert Summary is in the table below, and the detail is contained in the attached document: HS2022-01-Communication
Alert | Product & Versions Affected | Risk Category |
---|---|---|
HS2022-01-01: Vaccination Dates Misrepresented in Some Circumstances |
All versions of:
|
Operational Clinical Safety |
HS2022-01-02: Invalid Handling of Multiple Reference Ranges in CDA and C-CDA Documents |
All versions of:
|
Clinical Safety |
HS2022-01-03: Security Check for Emergency Access to Patient Records Fails to Occur in Some Situations |
All versions of:
|
Privacy |
HS2022-01-04: Security Vulnerability in Unified Care Record 2020.2.0 |
Unified Care Record:
|
Privacy |
HS2022-01-05: Customers on Unified Care Record 2020.2 and 2021.1 Must Install a Patch Before Upgrading to a Later Version |
Version 2020.2, 2021.1 of:
Version 2020.2, 2021.1, 2021.2, 2021.3 of:
|
Operational |
HS2022-01-06: Configuring the Classic Clinical Viewer Requires Outdated Third-Party Software |
All versions of:
|
Security |
HS2022-01-07: Users may not be able to Log Out of Clinical Viewer |
All versions of:
|
Privacy |
HS2022-01-08: Access Gateway Aggregation Cache Grows over Time |
Unified Care Record:
|
Operational |
HS2022-01-09: Incompatibility in HL7toSDA3 Customizations when Upgrading from HealthShare 15.03 or earlier |
Information Exchange:
|
Not Rated |
HS2022-01-10: IHE Endpoints should use Appropriate Credentials |
All versions of:
|
Security |
HS2022-01-11: ODS Namespace Reactivation Can Result in Prolonged Downtime |
Unified Care Record:
|
Operational |
HS2022-01-12: Upgrade of ODS may Require Manual Intervention to Complete |
Unified Care Record:
|
Operational |
HS2022-01-13: ODS Audit Data Inaccessible after Upgrade to Version 2020.1 |
Unified Care Record:
|
Privacy |
HS2022-01-14: System-wide and Facility-level Clinical Consent Policies Ignore Event Dates |
All versions of:
|
Privacy |
HS2022-01-15: FHIR Requests Not Being Evaluated Properly for Consent |
Unified Care Record:
|
Privacy |
HS2022-01-16: FHIR “$everything” Operation Can Return Unconsented Demographics |
All versions of:
|
Privacy |
HS2022-01-17: FHIR Index Performance Issue Can Cause ODS Instability |
Information Exchange:
Unified Care Record:
|
Operational |
HS2022-01-18: Security Vulnerability in FHIR Gateway/FHIR Server |
Unified Care Record:
InterSystems IRIS for Health:
|
Security |
HS2022-01-19: FHIR Server Does Not Verify Token Revocation |
Unified Care Record:
InterSystems IRIS for Health:
HealthShare Health Connect:
|
Security |
HS2022-01-20: OAuth Token Scope Not Applied in FHIR Batch Transaction Bundles |
InterSystems IRIS for Health:
|
Privacy Security Operational |
HS2022-01-21: FHIR Server Interoperability REST Client does not Properly Clean Up Data |
InterSystems IRIS for Health:
HealthShare Health Connect:
|
Operational |
HS2022-01-22: Security Issue in Patient Index |
All versions of:
|
Security |
If you have any questions regarding this advisory, please contact support@intersystems.com, and reference “HealthShare Alert HS2022-01”.