Skip to content
Etsi tietoja InterSystemsin tuotteista ja ratkaisuista, uramahdollisuuksista ja muusta.

Risk & Safety Alert HS2024-03: Multiple Alerts for InterSystems IRIS for Health, HealthShare Health Connect and HealthShare Solutions

There are four alerts in the HS2024-03 Alert Communication. A summary of each alert is shown below. Details for each alert are contained in the linked document.

Alert HS2024-03-01:

After Operating System Upgrade, HealthShare Instance May Require Upgrade

Products and Versions Affected

  • InterSystems IRIS® for Health 2021.2 and higher
  • HealthShare® Health Connect 2021.2 and higher
  • All HealthShare® Solutions products, version 2022.2 and higher:
    Care Community, Clinical Viewer, Health Insight, Healthcare Action Engine, Patient Index, Personal Community, Provider Directory, Unified Care Record

Requirements

  • Linux operating system
  • Operating system upgrade (major version)

Risk Category
Operational

Risk Score
4 – High Risk

Alert HS2024-03-02:

With FHIR Interoperability Productions, Bearer Token String Is Visible in Message Viewer and FSLOG

Products and Versions Affected

  • InterSystems IRIS for Health versions 2021.1 ̶ 2024.1

Requirements

  • FHIR repository
  • IRIS interoperability production-based FHIR endpoint

Risk Category
Security

Risk Score
3 – Medium Risk

Alert HS2024-03-03:

OnSystemStartup Methods not Run on Upgrade in Mirrored FHIR Systems

Products and Versions Affected

  • InterSystems IRIS for Health 2023.x
  • HealthShare Unified Care Record 2023.1 and 2023.2
    (Note: Previous guidance suggested that Unified Care Record version 2024.1 was affected, but it is not.)

Requirements

  • Mirroring
  • FHIR repository

Risk Category & Score
Operational

Risk Score
3 – Medium Risk

Alert HS2024-03-04:

Clinical Consent Policies not Properly Evaluated with Custom-named Streamlets

Products and Versions Affected

  • HealthShare Unified Care Record:
    All versions up-to-and-including 2024.1

Requirements

  • Clinical information type (CIT) consent policies
  • Custom SDA streamlets

Risk Category
Privacy

Risk Score
3 – Medium Risk

 

If you have any questions regarding this alert, please contact the Worldwide Response Center (WRC).