Skip to content
Search to learn about InterSystems products and solutions, career opportunities, and more.

Alert: HS2020-03: Multiple HealthShare Alerts

March 25, 2020

This post is part of the HealthShare HS2020-03 Alert communications process.  The same information is also distributed:

There are 7 alerts in the HealthShare HS2020-03 Alert communication, including the previously posted " Alert: Possible Data Integrity Issues after Compaction or Defragmentation"  The Alert Summary is in the table below, and the detail is contained in the attached document: HS2020-03-Communication

AlertProduct & Versions AffectedRisk Category & Score
HS2020-03-01: Break-the-Glass Events not Properly Audited for ODSHealthShare Unified Care Record 2019.1 and 2019.2 using the Operational Data Store4-High Risk (Privacy)
HS2020-03-02: Archiving of Historical Aliases Causes System HangHealthShare Patient Index 2018.1, 2019.1, and 2019.23-Medium Risk (Operational)
HS2020-03-03: Permissions to Access Patient Records Vary Between Clinical Viewer v1 and v2HealthShare Information Exchange and Unified Care Record v2 viewer in 2018.1, 2019.1 and 2019.24-High Risk (Privacy)
HS2020-03-04: Invalid Handling of Improperly Formatted Reference Ranges in HL7 V2 Result MessagesHealthShare Information Exchange 15.03 and 2018.1; Unified Care Record 2019.1 and 2019.23-Medium Risk (Clinical)
HS2020-03-05: AngularJS 1.5.8 VulnerabilityAll versions of HealthShare Personal CommunityExternal (Security)
HS2020-03-06: “LogCounter” in Access Gateway is Reset on UpgradeAll versions of HealthShare Information Exchange and Unified Care Record up to and including 2019.13-Medium Risk (Operational)
HS2020-03-07: Possible Data Integrity Issues after Compaction or Defragmentation

All HealthShare products starting from HealthShare 15.x and Personal Community 12.x and above.

HealthShare Health Connect 2019.1.0 and 2019.1.1 based on InterSystems IRIS®, and older Health Connect versions built on Cache/Ensemble 2016.2 and above.

2-Low Risk (Operational)

If you have any questions regarding this advisory, please contact the Worldwide Response Center (WRC).

RELATED TOPICS