Skip to content
Pesquise para saber mais sobre produtos e soluções da InterSystems, oportunidades de carreira e muito mais.

Advisory: MPI Demographics May Contain Unconsented Data

March 1, 2022 – Advisory: MPI Demographics May Contain Unconsented Data

InterSystems has corrected a defect affecting Patient Privacy wherein consent is not applied in the determination of the “best” record. As a result, unconsented demographic data associated with the best record are displayed at the MPI-level in Patient Search and FHIR requests. This may inadvertently reveal sensitive information, such as the patient's address associated with the unconsented facility.

This issue affects all HealthShare Information Exchange and Unified Care Record versions up to and including HealthShare 2020.2.

When populating the properties in an aggregate Patient streamlet, data from the “best record” is favored. The best record is that which was last updated at the best (lowest) tier facility. The demographics associated with this record are displayed at the MPI-level in Patient Search and FHIR requests.

The correction for this defect is identified as HSIEC-3978. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). The correction ensures that consent is evaluated for each patient record prior to the determination of the best record. As a result, the MPI demographics will only contain consented data. InterSystems recommends that all affected customers apply this correction. The correction is included in Unified Care Record 2021.1, 2021.2 and in all future product releases.

RELATED TOPICS

Latest Alerts & Advisories

Jul 23, 2025
InterSystems IRIS 2025.2 introduces the IRISSECURITY database, the new home for security data. Unlike IRISSYS, the previous home for security data, IRISSECURITY can be encrypted, which secures your sensitive data at rest. In a future version, IRISSECURITY will be mirrorable.
Jul 23, 2025
InterSystems is pleased to announce the General Availability (GA) of the 2025.2 release of InterSystems IRIS® data platform. This is a Continuous Delivery (CD) release. Please note that the GA versions of InterSystems IRIS for Health™ and HealthShare® Health Connect™ 2025.2 are currently withheld due to mirroring limitations introduced by security updates (details below).
Jun 10, 2025
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
May 20, 2025
This issue affects all versions of HealthShare®:
May 20, 2025
This problem affects the following products: