Advisory: A manager from one facility could view users from another facility

InterSystems has corrected a defect that could allow a manager of users for one facility to view a read-only listing of users associated with other facilities, but not view or edit the details for those users.

This problem exists for:

• Unified Care Record 2019.1.0
• Information Exchange 2018.1, 15.032

The correction for this defect is identified as dev key JRK003, and included in the product as of Unified Care Record 2019.1.1 and 2019.2. It is also available via Ad hoc change file (patch) or full kit distribution from the Worldwide Response Center (WRC).

If you have any questions regarding this advisory, please contact the WRC.