March 25, 2020
This post is part of the HealthShare HS2020-03 Alert communications process. The same information is also distributed:
- By Email
- On the Developer Community
- On the WRC Distribution Page InterSystems Documents
There are 7 alerts in the HealthShare HS2020-03 Alert communication, including the previously posted " Alert: Possible Data Integrity Issues after Compaction or Defragmentation" The Alert Summary is in the table below, and the detail is contained in the attached document: HS2020-03-Communication
| Alert | Product & Versions Affected | Risk Category & Score |
| HS2020-03-01: Break-the-Glass Events not Properly Audited for ODS | HealthShare Unified Care Record 2019.1 and 2019.2 using the Operational Data Store | 4-High Risk (Privacy) |
| HS2020-03-02: Archiving of Historical Aliases Causes System Hang | HealthShare Patient Index 2018.1, 2019.1, and 2019.2 | 3-Medium Risk (Operational) |
| HS2020-03-03: Permissions to Access Patient Records Vary Between Clinical Viewer v1 and v2 | HealthShare Information Exchange and Unified Care Record v2 viewer in 2018.1, 2019.1 and 2019.2 | 4-High Risk (Privacy) |
| HS2020-03-04: Invalid Handling of Improperly Formatted Reference Ranges in HL7 V2 Result Messages | HealthShare Information Exchange 15.03 and 2018.1; Unified Care Record 2019.1 and 2019.2 | 3-Medium Risk (Clinical) |
| HS2020-03-05: AngularJS 1.5.8 Vulnerability | All versions of HealthShare Personal Community | External (Security) |
| HS2020-03-06: “LogCounter” in Access Gateway is Reset on Upgrade | All versions of HealthShare Information Exchange and Unified Care Record up to and including 2019.1 | 3-Medium Risk (Operational) |
| HS2020-03-07: Possible Data Integrity Issues after Compaction or Defragmentation | All HealthShare products starting from HealthShare 15.x and Personal Community 12.x and above. HealthShare Health Connect 2019.1.0 and 2019.1.1 based on InterSystems IRIS®, and older Health Connect versions built on Cache/Ensemble 2016.2 and above. | 2-Low Risk (Operational) |
If you have any questions regarding this advisory, please contact the Worldwide Response Center (WRC).