Skip to content
Visitar más sitios de InterSystems:
Germany
Alemania
Australia New Zealand
Australia & Nueva Zelanda
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Spain
España
United States
Estados Unidos
Finland
Finlandia
France
Francia
Hungary
Hungría
indonesian flag
Indonesia
Italy
Italia
Japan
Japón
Middle East Region
Oriente Medio
United Kingdom Ireland
Reino Unido & Irlanda
Czech Republic
República Checa
South Africa
Sudáfrica
Middle East Region
Sudeste asiático
Sweden
Suecia
Visitar más sitios de InterSystems:
Germany
Alemania
Australia New Zealand
Australia & Nueva Zelanda
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Spain
España
United States
Estados Unidos
Finland
Finlandia
France
Francia
Hungary
Hungría
indonesian flag
Indonesia
Italy
Italia
Japan
Japón
Middle East Region
Oriente Medio
United Kingdom Ireland
Reino Unido & Irlanda
Czech Republic
República Checa
South Africa
Sudáfrica
Middle East Region
Sudeste asiático
Sweden
Suecia
Puede usar nuestro buscador para encontrar información sobre los productos y soluciones de InterSystems, las oportunidades de desarrollo profesional, los casos de uso, novedades y mucho más.
Home
Product Alerts & Advisories
Advisory: When No Consent Group is Specified, Clinical Consent Rules May Fail

Advisory: When No Consent Group is Specified, Clinical Consent Rules May Fail

Mar 01 2022

March 1, 2022 – Advisory: When No Consent Group is Specified, Clinical Consent Rules May Fail

InterSystems has identified a defect affecting Clinical Information Type (CIT) consent. In certain situations, if no consent group is specified, the CIT consent rules are ignored, and the user experiences the opposite of what was intended.

This issue affects all versions of HealthShare Information Exchange and Unified Care Record through version 2021.2.

Clinical Information Type (CIT) consent may be configured with a decision to show or block data for all users except those who are in the consent groups specified in the policy. These decisions are effective when one or more consent groups are specified. However, the policies are not effective if no consent group is specified. In these situations, the rules are ignored, and the opposite behavior is experienced: the blocking rule will permit data to be displayed to all users and the show rule will block the data from all users.

The affected consent decisions are as follows:

  • System-Wide Policy:
    • Always Block Except
    • Always Show Except
    • Default Block Except
    • Default Show Except
  • Facility-Wide Policy:
    • Always Block Except
    • Always Show Except
    • Default Block Except
    • Default Show Except
  • Patient Policy:
    • Block Except
    • Show Except

This issue has been rated as a Low Risk due to the fact that these policies are intended to be used with one or more specified consent groups and omitting a group is most likely a configuration mistake and would be detected during testing.
The following decisions should be used when consent groups are not relevant:

  • System-Wide Policy:
    • Always Block
    • Always Show
    • Default Block
    • Default Show
  • Facility-Wide Policy:
    • Always Block
    • Always Show
    • Default Block
    • Default Show
  • Patient Policy:
    • Block
    • Show

InterSystems recommends that customers review their consent policies to ensure that any Block Except and Show Except consent policies have one or more consent groups specified. If that is not the case, customers should add one or more consent groups or use a more appropriate decision option as described above.
This defect is identified as HSIEC-4741 and will be addressed in a future version.

RELATED TOPICS
HealthShare

Latest Alerts & Advisories

Aug 15 2024
Product Alerts & Advisories
Alert: Database Corruption with Multi-Volume Databases after Truncation
InterSystems has corrected a defect that can cause database corruption or errors with multi-volume databases under extremely rare circumstances. Only databases that have been truncated are at risk.
More
Jul 24 2024
Risk & Safety Alert HS2024-03: Multiple Alerts for InterSystems IRIS for Health, HealthShare Health Connect and HealthShare Solutions
There are four alerts in the HS2024-03 Alert Communication. A summary of each alert is shown below. Details for each alert are contained in the linked document.
More
Jun 24 2024
Product Alerts & Advisories
Advisory: VMware vSAN Data Consistency Errors
Broadcom recently announced a problem that can cause data consistency errors in database applications. The Broadcom article is available here:
More
May 30 2024
Product Alerts & Advisories
Advisory: License Enforcement Changes – REST and SOAP
Beginning with the release of InterSystems IRIS® data platform 2022.3, InterSystems corrected the license enforcement mechanism to include REST and SOAP requests. Due to this change, environments with non-core-based licenses that use REST or SOAP may experience greater license utilization after upgrading. To determine if this advisory applies to your InterSystems license, follow the instructions in the FAQ linked below.
More
May 01 2024
Product Alerts & Advisories
Alert: SQL Query using “NOT %INLIST” fails to return results
InterSystems has corrected an issue that can cause a small number of SQL queries to return incorrect results. See below for the specifics on impacted queries.
More
Apr 08 2024
Product Alerts & Advisories
Alert: Upgrades fail for HealthShare Health Connect instances not licensed for HL7® FHIR®
InterSystems has encountered a defect that causes some upgrades of HealthShare® Health Connect to fail. This only affects instances that are not licensed for the use of FHIR® and that have interoperability-enabled namespaces. Under these conditions, the upgrade fails with an error.
More
Mar 19 2024
Product Alerts & Advisories
Advisory: AIX Memory Leak
In evaluating an IBM Support notification, InterSystems has determined a potential impact for our customers. The notification in question is:
More
Feb 27 2024
Product Alerts & Advisories
Alert HS2024-limited: InterSystems IRIS for Health, Health Connect & HealthShare Solution Alert for Customers who Received an Ad Hoc Correction for HSIEO-8613
There is 1 alert in the HealthShare HS2024-limited Alert communication. An alert summary for the issue is shown is in the table below. Details for the alert are contained in the attached document: HS2024 Limited Communication.
More
Feb 01 2024
Product Alerts & Advisories
Alert HS2024-02: Multiple InterSystems IRIS for Health, Health Connect & HealthShare Solution Alerts
There are 2 alerts in the HealthShare HS2024-02 Alert communication. An alert summary for each issue is shown is in the table below. Details for each alert are contained in the attached document: HS2024-02-Communication.
More
Jan 17 2024
Product Alerts & Advisories
Advisory: Users Unable to Log in After Upgrade Due to Missing Index
This problem affects the following products:
More
View All Alerts & Advisories