Adding the capability to support mutual authentication (mTLS) to the HL7v2 Outbound module.

New permissions were introduced to provide granular control over specific actions on a module in a node. The permissions introduced are VIEW_MODULE_CONFIG_FOR_MODULE, UPDATE_MODULE_CONFIG_FOR_MODULE, START_STOP_MODULE_FOR_MODULE, CONTROL_MODULE_FOR_MODULE & MODULE_ADMIN_FOR_MODULE. See Roles and Permissions for more information.

The SMART Outbound Security module now supports JWT-based authentication for clients authenticating themselves for a client credentials system flow.

The CDA Exchange+ module now supports the Encounter Diagnosis profile in the USCDI v2 IG.

The resource merge algorithm in the CDA Exchange+ module has been updated such that, if the result of merging two Observations would be that both the value and dataAbsentReason fields would be populated, the dataAbsentReason will be cleared.

The CDA Exchange+ module can now parse Comment Activity templates (ID 2.16.840.1.113883.10.20.22.4.64), which will populate Condition.note.

The CDA Exchange+ module can now parse Comment Activity templates (ID 2.16.840.1.113883.10.20.22.4.64), which will populate ServiceRequest.note.

The CDA Exchange+ module can now parse Comment Activity templates (ID 2.16.840.1.113883.10.20.22.4.64), which will populate Observation.note.

Changed the format of the logback.xml files to include the batch instance and chunk IDs for batch related messages.

Added a new node.archive_unknown_modules setting that automatically archives any previously created modules that are no longer present in the configuration properties file. Conversely, this setting also reinstates previously archived modules with the same module id that have reappeared in the properties file. This node setting only applies when node.propertysource = PROPERTIES. See the [Maintaining Module Configuration - Deleting Module Configurations] (/docs/installation/installing_smile_cdr.html#maintaining-module-configuration) documentation for more information.

In the Channel Import module a transaction log entry has been added for failed CDA import operations. If available, the ClinicalDocument/id attributes root and extension are logged in the transaction log message properties.

Updating audit log search capabilities to allow querying logs by resource id(s) in order to provide the CRUD operations related to specific resources.

Gateway sorting support for custom search parameters was added.

The CDA Exchange+ module now supports mapping Note Activity templates when encountered at the root level of any document section.

Prior Authorization CRD module now supports coverage-info extension as part of CDS hooks request for configuration options.

CDA Exchange+ module now supports mapping between the Assessment and Plan section and FHIR ServiceRequest resource.

Added SMART Backend Services authentication over secure channel (TLS) to remote terminology validation service.

When triggering $mdm-submit manually, MDM module now respects the broker partition assigned by the MDM Partition Key Generator script.

The Camel module now supports transforming an NDJSON file into a bundle via the new ndjsonToBundleProcessor. Please see the documentation for usage examples.

Prior Authorization CRD module now supports max-cards extension as part of CDS hooks request for configuration options.

The CDA Exchange+ module now supports OpenTelemetry during import of documents, and the exporting of FHIR data. Please see the OpenTelemetry Integration for detailed information.

Addition of $job-analytics operation to enable dQM users that kick off distributed $evaluate-measure requests the ability to retrieve realtime aggregated metrics of performance & progress per step & status of chunks processed by batch2 job. This allows for needed visibility to end users like the dqmUI to give more meaningful feedback to users on long running requests.

Prior Authorization CRD module now supports handling of Multi Orders - SystemActions and Response Cards results.

Added buttons to export and import OpenID Connect clients in the Web Admin Console.

Added FHIR Response Terminology Enhancement support for $summary operations.

The zip file created by Help -> System Info / Download Config -> Download System Configuration now includes two versions of the system properties. The current cdr-config-NodeID.properties file that includes all configuration values and a new cdr-config-NodeID-minimal.properties file that only includes configuration values that are different from their default values.

The transaction id provided as part of the payload when importing CDA documents via the channel import module has been added to the transaction logs in the request id column to allow for better traceability of requests.

An OpenTelemetry metric named smilecdr.storage.fhir_searches_active.count will now be emitted by persistence modules. Its value is the number of current FHIR searches. This includes both the currently running searches, and the completed searches with results currently available in the database cache.

Added support for mapping of ADT_A10 messaging to HL7 Inbound Mapping module.

The HL7 v2.x Listening Endpoint now maps the second PID, PD1, PV1, PV2, and OBX segments for ADT^A17 messages.

The CDA Exchange+ module now includes enhanced trace level troubleshooting log enhancements when importing CDA documents.

The following HTTP Thread Pool related OpenTelemetry metrics are now available for modules using an HTTP endpoint: smilecdr.http.server.thread.count, smilecdr.http.server.thread.max, and smilecdr.http.server.thread.queue_size.

An OpenTelemetry metric named 'smilecdr.session.count' has been added to track the number of active sessions for the modules that support web sessions.

If the CDA Exchange+ module encounters an entry that does not have any id elements, it will be converted to a contained resource within the resource that refers to it.

Adding a new configurable property to the PAS module for Payer System TRN

A new CDA Troubleshooting log has been added with extra logging for CDA import operations. Also, now if a CDA message submitted via Channel Import fails, that message will now be sent to the failure queue.

$evaluate-measures operation in 'distributed mode' can now evaluate multiple measures per work chunk instead of the previous single measure. This enhancement allows for greater throughput on processing. This is thanks to a new DQM configuration property for the maximum number of measure report included as part of a work chunk.: evaluate_measure.num_measures_per_subject_chunk

Customer services (e.g. interceptors, providers, etc.) can now use Spring constructor injection in addition to field injection.

This feature enhancement allows for $qpp-build operation parameter 'entityType' to now allow 'subgroup' compatibility for CMS QPP entities, and allows usage of 'subgroupId' in the 'entityId' parameter. This feature also added in checks for required entity identifiers for entityType: individual & group.

This feature addition allows for 'Organization' references found on Patient.managingOrganization field to build a population of Patients to use for dQM Measure evaluation scenarios (evaluate-measure and $evaluate-measures). This new capability allows for more flexible deployment models with prospective customers as well as simplified workflows on the dQM UI application.

New permissions were introduced to provide easier setup for MDM UI application. The permissions introduced are ROLE_MDMUI_DATASTEWARD_FHIR & ROLE_MDMUI_ADMIN_FHIR, which allow respective roles to perform FHIR operations inside the MDM UI application. See Roles and Permissions for more information.

Added support for conditional updates to the FHIR Gateway module.

Added main system log entries for document import success and failure in the CDA Exchange+ module. This allows for high level monitoring of document imports without the use of the troubleshooting log.

Adds 2 appSphere Pointcuts: AG_APPLICATION_REGISTER & AG_APPLICATION_RE_REGISTER, which allow clients to modify application information prior to developer registration or re-registration

smilecdr.module_id attribute has been added to the http.server.request.duration OpenTelemetry metric.

An OpenTelemetry metric called smilecdr.storage.duration has been added. This is a histogram metric to measure the overall invocation count, and the latency of the system-level and resource-level FHIR interactions.

A new permission called OPENID_CONNECT_MANAGE_KEYSTORES has been added. This permission is now required to be explicitly granted to the user in order to be able to create or modify SMART Keystore definitions.

When using federated OAuth2 security mode, it is now possible to use a signed JWT as the authentication credential used for code exchange between Smile CDR and the federated OAuth2 provider.

Added support to remove an XML attribute using the JavaScript XML parser.

An OpenTelemetry metric called smilecdr.etl_import.csv_row_import.duration has been added. The metric can be used to monitor the total number of CSV rows successfully processed along with mapping execution time as a histogram.

An OpenTelemetry metric called smilecdr.hl7v2.inbound_message.duration has been added. The metric can be used to monitor the duration of hl7v2 messages successfully processed as a histogram.

Upgrade the Clinical Reasoning module to the latest release of 3.13.0. This update comes with several changes and feature enhancements to CPG and dQM clinical-reasoning operations. Please review associated ticket and upgrade.md for detailed list of changes.

Prior Auth Support (PAS) now supports PractitionerRole as Claim.providerfor Claim/$submit operation.

Stubbing audit event enums for use by external web application service to register audit logs

The CDA Exchange+ module has improved the performance of the import process by streamlining the algorithm for comparing two resources by identifier.

Removed the Charts and Graphs section of the Web Admin Console. People looking for this type of information should use the Externalized Metrics or the OpenTelemetry Integration.

Removed the environment variables which allowed usage of the old Web Admin Console UI. Removed the old Web Admin Console UI Code.

Module configuration substitution rules have changed. E.g. Module config value properties can contain #{env['abc']} and #{systemProperties['abc']} (or the shorthand ${abc}) and ${{javascript:functionName()}} to be substituted by environment variables, system properties and javascript function calls respectively. Previously, substitution happened in all config properties except for Camel Route definitions. Smile CDR also now blocks configuration substitution in any JavaScript text configuration values. The reason for this is that Javascript text values can be large and complex, and like Camel Route definitions, also contain strings of the form ${abc}. This change fixes a couple of bugs where enum/boolean values generated by placeholder substitution were not being substituted in the Web Admin Console or in the Config Diagnostics, and so enum dropdowns could not be properly set and Config Diagnostics couldn't be properly evaluated in the case where these values were set via placeholder substitution.

The $submit-attachment operation has been changed in order to conform to CDex Task Attachment Request Profile 2.0.0. For solicited attachment flow, updated the validation on incoming requests against the existing Task, such that the OrganizationID, ProviderID and MemberID are validated against identifiers in contained Patient and PractitionerRole resources. For unsolicited attachment flow, when new Task is generated by the $submit-attachment operation, updated generation of Task resource to include contained PractitionerRole and Patient resources generated from $submit-attachment parameters payload.

Internal change to how module dependencies are resolved. This change should not be visible to users.

The DTR and DQM modules used to require both a dependency on a FHIR_ENDPOINT and a PERSISTENCE_R4 module. This has been changed to only require a dependency on the FHIR_ENDPOINT. The PERSISTENCE module used by DTR and DQM will now be the PERSISTENCE module that the FHIR_ENDPOINT depends on.

MegaScale is only supported in REQUEST_TENANT Partition Selection Mode. Using a different Partition Selection Mode could result in storing inconsistent data in the database. This change prevents a Storage Module from starting if MegaScale is enabled and Partition Selection Mode is set to anything except REQUEST_TENANT.

The default deduplication strategy for CDA Exchange+ import has been changed to do an exact match on all the identifiers present on the resource. This will reduce the frequency of false rejections for too many matching resources on a conditional create, with the trade-off that it may slightly increase the number of potential duplicates that are missed and will need to be merged after the fact.

A new CDA Troubleshooting log has been added with extra logging for CDA import operations. Also, now if a CDA message submitted via Channel Import fails, that message will now be sent to the failure queue.

Updated the database setup script for SQL Server (MS SQL) in the documentation to be UTF-8 compatible.

Change CRD module to support handling PlanDef/apply response containing a RequestGroup with multiple references.

Previously, MDM UI module had a hard dependency on JSON admin API module. This behaviour has now been changed to be a optional dependency. This dependency is marked for removal for 2025.02 release.

The MDM-UI module now exposes its Node ID and its OIDC Security Module ID via its /api/config endpoint.

Previously, the MDM-UI module exposed the configuration URL of the MDM module. This has been removed.

Previously, module boot order for modules with the same dependencies was non-deterministic. This has been changed so that the module boot order is now always the same.

Using the Fhir Endpoint module, if attempting to to create a patient using the demo CRUD operation, it would always fail. This has been corrected.

Previously, enabling consent services on Persistence module would not block _total=accurate searches on fhir_endpoint. This was a departure from how consent services worked in fhir_endpoint. This has now been fixed.

Previously, it was possible to submit a REST hook subscription where the endpoint URL property was not prefixed with http[s]. This issue is fixed. See REST Hook Endpoint URL Validation Regex in the documentation further details.

Previously, some of the OpenTelemetry database client connection usage related metrics were not being emitted. This has now been fixed. Also, the pool.name attributes for db client connection related metrics now contain module id in their value to make it easier to identify the module using the connection pool.

Previously, GET $evaluate-measure(s) requests with 'Prefer:respond-async' would schedule a batch job instead of generating the MeasureReport in place. This has been fixed.

Previously, $evaluate-measure and $evaluate-measures run in async mode with report-type null would not return measure report(s) with the expected measure report type according to the FHIR specification. This has been fixed.

Previously, in the CDA Exchange+ module, parsing of a Comment Activity template nested within the Planned Procedure and Problem Concern Act templates was not hooked up correctly, and the note field of the corresponding FHIR resources was not being populated. This has been fixed.

Messages from an HL7 outbound module sent over HTTP were not encoded in UTF-8. This has been fixed.

Previously, during CDA import, the transformation engine would unexpectedly abort processing if it encountered a coded field with an originalText element where both the contents of the element and the content indicated by the reference tag were empty. This has been fixed.

Previously, when using MongoDB storage, after invoking the $expunge operation with parameter expungeEverthing=true, the server history collection would be dropped. This has been fixed.

Previously, when using MongoDB storage, the $history operation (at instance and type level) would run slowly because of a missing index in one of the underlying collections. This has been fixed.

Previously, in CDA Exchange+ import, if a CDA document contains an II datatype with an assigningAuthorityName set, the transformation engine would create an Organization resource to represent that authority. This mapping has been changed so that the assigningAuthorityName will map onto the display field of a reference.

Previously, the HL7 v2.x Listening Endpoint did not process PV1 or PV2 segments for ADT^A60 messages. This has been fixed and now if PV1 and PV2 segments are present, they will be used to conditionally create an Encounter resource.

Previously, when ingesting a CDA document containing three or more representations of the same Practitioner with each instance having a different subset of identifiers, the CDA Exchange+ module would sometimes fail to merge the representations into a single instance of the resource in the generated bundle. This has been fixed.

When iterating over bundle entries in JavaScript, bundle.entry[0].resource.resourceType was undefined. This will now properly return the resourceType of the entry resource.

Updated some documentation and fixed some broken links in the Web Admin Console caused by removing Charts and Graphs.

/oauth/token requests will fail the authentication if there are conflicting parameters and/or headers in the request.

When reload_scripts_on_save is enabled on the Cluster Manager scripts containing placeholders would fail to reload. This has been corrected.

Fixed a regression in JavaScript processing which caused any IBase object to be cleared when re-assigned to itself.

Previously, the OpenTelemetry HL7v2 interceptor could throw a NullPointerException when updating conversion metrics. This happened if the generated Bundle was modified by a customer hl7v2 interceptor in a way that removed the request elements from the Bundle. This has been fixed.

The default parameters of the SystemRequestDetails created when invoking CDA import through the Channel Import module have been updated to match the parameters used when calling the $import-cda operation.

Previously, deleting a partition while using MegaScale would not clear its related internal cache entries. This which would sometimes cause issues when creating a new partition. This has now been fixed.

Previously, if SMART Outbound Security module was configured to have a context path, launching an authorization code flow for users with enabled Two Factor Authentication would fail on the providing user credentials step. This has been fixed.

The resource containment rules in the CDA Exchange+ document import process have been improved. Firstly, any resource that is directly referenced from one of the sections of the Composition of the generated Bundle will be exempted from containment. Secondly, any resource that is converted to a contained resource will be removed from any Provenance that might otherwise target it. And finally, a bug has been fixed that was blocking Organization resources from being added to the Bundle.

Previously, if a field nested within a backbone element of a FHIR resource was marked as mandatory in a CDA Exchange+ import mapping, and the corresponding element was absent from the CDA source file (as opposed to being present but populated with a nullFlavor attribute), the parsing of the resource would fail with a DataFormatException. This has been fixed.

Previously, the response card was throwing error when 'Questionnaire' extension was not present in CQL response.This behaviour has been fixed and now a response card is returned.

Previously, the CDA Exchange+ mappings were transforming the medication associated with a MedicationStatement resource into a reference to a Medication resource. This has been changed to transform the medication into a codeable concept, harmonizing this mapping with the one for MedicationRequest.

Error handling and reporting have been improved in the CDA Exchange module for datetime fields with non-standard formats.

Previously, an edge case existed in the CDA Exchange+ module where the data pattern <effectiveTime value=''/> in certain contexts would cause the transformer to repeat processing the node indefinitely, hanging the thread. This has been fixed.

Previously, when users with UPDATE_MODULE_CONFIG_FOR_MODULE or MODULE_ADMIN_FOR_MODULE tried to update module config for a specific module via JSON admin endpoint, it resulted in a 403. This behaviour has been fixed.

Previously, the CDA Exchange+ module would throw a null pointer exception trying to set the performer of a ServiceRequest. This has been fixed.

Increased security on endpoints that fetch System Restore points.

Fixing PAS module configurable property for Payer System TRN

Removed code for obsolete metrics collection feature and added migration to drop related tables.

Debezium support for Realtime Export has been removed. Pointcut mode remains available.

Elastic APM support has been removed. Please use the OpenTelemetry Integration instead.

Backported from: 2024.11.R01

Added support for conditional updates to the FHIR Gateway module.

Backported from: 2024.11.R01

Fixed a regression in JavaScript processing which caused any IBase object to be cleared when re-assigned to itself.

Backported from: 2024.11.R01

Removed the Charts and Graphs section of the Web Admin Console. People looking for this type of information should use the Externalized Metrics or the OpenTelemetry Integration.

Backported from: 2024.11.R01

Removed the environment variables which allowed usage of the old Web Admin Console UI. Removed the old Web Admin Console UI Code.

Backported from: 2024.11.R01

MegaScale is only supported in REQUEST_TENANT Partition Selection Mode. Using a different Partition Selection Mode could result in storing inconsistent data in the database. This change prevents a Storage Module from starting if MegaScale is enabled and Partition Selection Mode is set to anything except REQUEST_TENANT.

The onTokenGenerating(...) callback script in the SMART Outbound Security module now takes an optional 3rd argument containing details about the client that was used as a part of the auth flow. Note that this new argument was added as an optional argument at the end of the argument list, so this change is non-breaking to exising scripts implementing this function.

Allow Camel modules to register health checks

The CDA Exchange+ module can convert between a CDA Payers section and FHIR Coverage resources, capturing only information about the payer organization at this time.

A new callback script function has been added to the SMART Outbound Security module which can be used to add authorities to the session based on approved scopes and existing approved authorities. This can be used to enhance or even replace the built-in scope-based authority narrowing.

Implemented the redesign of plan of treatment section, the section now no longer creates a base CarePlan resource

Added support in the CDA Exchange+ vocabulary service to support one to many code mappings.

Added new config key 2fa.required to the web admin console when set to true will required the user to provide a Two-Factor Authentication token before logging in.

Added bi-directional mapping in USCDIv2 between CDA Sexual Orientation Observation and the US Core 5.0.1 Observation Sexual Orientation Profile

A new Persistence Module config diagnostic message has been added that writes out a WARNING message regarding partition selection mode when partitioning is disabled.

Migration away from database LOB datatypes for the Cluster Manager database. This change mainly affects PostgreSQL users as we effectively cut all ties with the inefficient pg_largeobject table. We also provide the capability to force persisting data to LOB columns through property configuration if desired. The default behavior is to not persist in lob columns.

Added sorting capability to gateway endpoint, limited to the standard SearchParameters defined in the FHIR release. This implementation requires target servers replies to include next and/or previous links when additional resources are present in the corresponding direction.

The CDA Exchange+ module can convert embedded participants and policy activity within CDA Payers section to FHIR Coverage resources.

The CDA Exchange+ module now has the ability to process a Note Activity template embedded within a Procedure.

The CDA Exchange+ module now has the ability to process a Note Activity template embedded within a Result Observation.

With a handful of exceptions for (Mental Status, Functional Status, Payers, Plan of Treatment, and Vital Signs (Entries Required)), the CDA Exchange+ module can now map Note Activity templates found at the root of a given section. Further support will be added in future.

The CDA Exchange+ module now supports Assessment Scale Observation entries embedded within Problem Observations.

Add support for the $log-questionnaire-errors operation defined the Da Vinci Burden Reduction DTR IG.

Additional OpenTelemetry span attributes are added to the local root span in FHIR endpoint HTTP traces. These attributes include request id, tenant id, username, OIDC client id, the resource type, resource logical id and operation name from the request path, the resource type and resource logical id from the successful response bodies, and restful interaction code.

The CDA Exchange+ module now supports the Discharge Diagnosis section.

The CDA Exchange+ module now supports the Admission Diagnosis section.

Added validation of the server seed file to diagnostics checks of the System to System Data Exchange module.

Improved ergonomics of iterating over HL7v2 segment repetitions in JavaScript by exposing a forEach method.

The CDA Exchange+ module is now able to parse Comment Activity templates embedded within Allergy Concern Acts.

Update the $questionnaire-package operation for DTR to allow use of the $apply operation to generate the Questionnaire and supporting package. Also added documentation for the DTR module.

The REQUEST_TENANT partition selection mode now supports performing the $reindex operation against all partitions by using _ALL as the tenant name in the request URL. See Tenant Identification Strategy documentation. This has been enabled for MegaScale on and off scenarios.

The CDA Exchange+ module now supports the Medications Administered section.

New cdr operation $evaluate-measures that allows for the same low latency and batch functionality as standard measure evaluation, but allows users to run multiple measures in a single request for a subject population. This is especially helpful when running quality reporting for submission that re-uses the same population for a set of measures. Accompanying this new operation are documentation updates explaining how to use the operation, as well as refactoring batch2 classes and helper functions.

Added a configurable property to specify a max number of times a target server should poll the source server for export results. This value is defaulted to 100.

Add plugin support in the CDA Exchange+ module for the USCDI v2 specification which subsumes R4 and US Core v5.0.1 implementations.

Enhanced the experimental CDA Exchange+ module with the capability to perform a simple import of a CDA document using a Camel route.

If provided with a server seeding file, System to System Data Exchange module will not only validate the path to the resource, but the servers contained therein. If any fields necessary for $invoke-export are not provided, warnings will be logged (but startup will still continue).

Added warnings to startup if there are multiple persistence modules using the exact same database (not a supported production environment).

Added narrative only sections Hospital Course, Hospital Discharge Instructions, Chief Complaint and Reason for Visit, Chief Complaint, and Reason for Visit for Discharge Summary in the CDA Exchange+ module.

When populated, the search score field will now be included in the entries of a FHIR Gateway response Bundle.

Added bi-directional mapping between CDA Discharge Medications section and the FHIR R4 MedicationStatement resource.

Added bi-directional mapping between CDA Admission Medications section and the FHIR R4 MedicationStatement resource.

The CDA Exchange+ module now supports the Past Medical History section.

Added OpenTelemetry trace_id and span_id to the logback log pattern. These values will appear on the log lines with T: and S: prefixes, respectively. This helps correlating logs and traces with each other when OpenTelemetry is enabled but exporting logs via the javaagent is disabled.

Added a warning at startup if the db.hibernate_search.mode config setting is set to LUCENE_DISK or LUCENE_MEMORY, since these are not recommended in a Production environment.

Searches through the FHIR Gateway will now support parameters _content, _filter, _language, _list, _tag, _text and _security.

Added Camel processor for executing CDA Exchange+ pre-import javascript processing.

Added Camel processor for executing CDA Exchange+ CDA_PRE_IMPORT pointcut processing. See cdaToFhirPreConvertInterceptorProcessor for more information.

Added Camel processor for executing CDA Exchange+ post-import javascript processing. See cdaToFhirPostConvertScriptProcessor for more information.

Added Camel processor for executing CDA Exchange+ CDA_POST_IMPORT pointcut processing. See cdaToFhirPostConvertInterceptorProcessor for more information.

The following OpenTelemetry metrics are now generated for resource creations and updates, respectively: smilecdr.storage.created_resources_count, smilecdr.storage.updated_resources_count. Both metrics have smilecdr.storage.resource_type as an attribute so that the counts are available per FHIR resource type.

An OpenTelemetry metric, named smilecdr.hl7v2.inbound_message.conversion_resources_count, is now added. The metric counts the FHIR resources to be created or updated in the FHIR transaction bundles generated by HL7 v2 to FHIR conversions.

Added Cda Exchange + module as licensed module and removed requirement of a feature flag

Finalize the external API for Camel integration with the CDA Exchange+ module and update documentation.

A new extension script function has been added which is invoked by the SMART Outbound Security module during the Client Credentials with JWT Credential authorization flow, and can modify the client's session.

Expand support for CMS QPP programs pcf and mvp on $qpp-build operation, simplify program library structure to reduce maintenance burden between multiple programs and submission methods (one resource instead of many). Remove restriction on qty of reports for quality program library to allow users to build a subset of a library. Add parameters for submissionMethod for dynamic runtime override to allow for dQMUI pre-score for registries, add new programName parameter to operation, and simplify measureReportIds parameter to be list instead of string. Move CMS measureID connection from Quality Library to Measure resource.

A new setting has been added to the SMART Inbound Security module which allows the customization of the SMART Capabilities document by adding additional capabilities.

Previously, a cdr with admin web configured with config.2fa.required=true and no user with 2FA enabled was effectively locked out and unable to set up 2FA at all (scanning barcode with Authenticator app). These users can now log in, and will now be forced to enroll in 2FA on their next login.

The service which allows to send messages to a Camel route endpoint has been enhanced to return the full Exchange object.

New enhancement to distributed $evaluate-measure operations that allow for reportType subject-list which defines a List resource with which subjects make up a Measure Report population. This feature will be a critical component for Provenance, audit processes, and downstream operations like population scale $care-gaps.

A new node configuration has been added to the Smile CDR Properties File. node.environment.type can be set to one of DEV, QA, PERF, STAGING, PROD. This new value will appear in square brackets after the node id to help server admins identify what kind of server they are working on. This value may be used for other functions in the future.

In MegaScale mode, FHIR Batch and FHIR Transaction operations are now correctly supported. FHIR Transaction operations will only work if all resources in the trasnaction can be executed in the same partition.

Added a [configuration][docs/configuration_categories/hybrid_providers_definitions.html#property-fhir-parser-error-handler-type] to the Hybrid Provider Endpoint module to specify the type of FHIR Parser Error Handler to invoke when handling resource parsing errors on the endpoint.

This release supports zero-downtime upgrades on Azure Sql Server

Added a warning message in the login and profile page warning user that they do not have the permission to setup their own Two Factor Authentication.

Add support for looking up a Task based on the Context parameter passed into the $questionnaire-package operation. If the task is found and contains an input with the correct questionnaire code the valueCanonical from the input will be used to build the Questionnaire Bundle.

A new feature called Optimize index storage has been added to the FHIR Storage module. If enabled, the server will not write data to the SP_NAME, RES_TYPE, SP_UPDATED columns for all HFJ_SPIDX tables. This can help reduce the overall storage size on servers where HFJ_SPIDX tables are expected to have a large amount of data. See Enabling Index Storage Optimization for more information.

Change CRD module to utilize CQL PlanDefinition's $apply operation for CDS hook evaluation.

Split out SubscriptionSettings from StorageSettings.

The configuration of the transformation strategies in the CDA Exchange+ module has changed to derive the target data type from the FHIR model definitions whenever possible, simplifying the mapping configurations.

Change CRD module to utilize CQL PlanDefinition's $apply operation for CDS hook evaluation using Payer Patient ID.

In the CDA Exchange+ module, the ability to assign the result of a transformation to a cache rather than assigning it to a FHIR field has been moved to the BaseTransformationStrategy class, and the special purpose TransformAndCacheStrategy class has been removed.

The $invoke-export operation used in the System to System Data Exchange module was renamed to $sdh.s2s.invoke-export in order to comply with the operation naming convention.

Remove feature flag from Prior Auth Modules (CRD, DTR, PAS)

A new callback script function is now configured in the main scripts of SMART Outbound and SMART Inbound.

An oversight in the implementation of text-only support for the Advance Directives section in CDA Exchange+ lead to the section not exporting. This has been corrected.

Calling getLaunch() or getState() in onTokenGenerating callback would throw an exception. This has been fixed.

Previously, depending on the type of database, it was possible to add duplicate non-archived OpenID Connect servers (CDR_OAS_SERVER). This has been fixed with server-side validation that returns an error on any attempt to create such new duplicate non-archived servers.

Previously, changing the default partition id after the persistence module had been initialized would cause a primary key violations and throw an error message that did not mention that changing the default partition id could cause this. The error message has been updated to list this as a potential cause.

Z segments of messages passed to HL7v2 inbound scripts were being changed from the original message, causing various script operations on those Z segments to fail. This has been corrected.

Previously when exporting documents in the experimental CDA Exchange+ module certain codes would not translate properly. This has been fixed.

Previously, if an IG was seeded and default search parameters were disabled, the IG would fail to load. This bug, caused by an incorrect boot order between the IG loading module and the search parameter module, has been fixed.

Previously, processing inbound HL7v2 messages could lead to resource(s) duplication when multi-tenancy is enabled. This issue has been fixed.

Previously, when given RDE-O11 or RAS-O17 messages, the HL7 v2.x Inbound Mapper incorrectly mapped uncoded Medications in RXE-2 and RXA-5 to MedicationRequest.medicationCodeableConcept.text and MedicationAdministration.medicationCodeableConcept.text respectively. This has now been fixed so that the aforementioned segments are mapped to Medication References within MedicationRequest and MedicationAdministration.

The CDA Exchange+ module previously exhibited inconsistencies in its treatment of duplicate items under certain conditions. This has been resolved.

Previously, on MSSQL, two resources IDs that are identical except for case (ex: Patient1 vs. patient1) would be considered to have the same ID because the database collation is case insensitive (SQL_Latin1_General_CP1_CI_AS). Among other things, this would manifest itself when trying to delete and re-create one of the resources. This has been fixed with a migration step that makes the collation on the resource ID case sensitive (SQL_Latin1_General_CP1_CS_AS). Also, the documentation has updated to include steps to replicate the new migration code with manual SQL.

HL7 messages that failed to be processed would throw an exception, but this exception would not always include the location of the error (making them not that useful). This has been fixed.

A bug prevented Oracle backed cluster-mgrs from being able to revoke all tokens (access and refresh tokens). This has been fixed.

Updated the $invoke-export job in System to System Data Exchange module to poll the source server for export results in a more reliable way.

The CDA Exchange+ module was failing to render the Advance Directives section. This has been corrected.

When a user downloads the System Config ZIP file from the Web Admin Console, it was overriding too many property values with the [REMOVED] placeholder. It has been changed to reveal more property values as configured so that we can properly diagnose problems using their specific configuration.

Previously, adding or removing tags to/from an existing resource would fail when Mega Scale was enabled. This problem has been fixed.

Previously in the CDA Exchange+ module, the Functional Status section resources were not populating at root level on export. This has been fixed.

Previously, when Transaction Log Persistence and Transaction Log Broker modules were introduced, the properties they inherited from Cluster Manager did not have distinct values specific to the module and were instead using the value from Cluster Manager or the default. This has been fixed.

Previously, when multiple Transaction Log Broker or Transaction Log Persistence modules are processing the same transaction log event and one of them would update the payload body (clear or truncate) as per configuration, the payload body change would apply to all transaction logs stored/published. This has been fixed.

The MeasureScore was not aggregating for Measures that did not have a group.id populated. The fix allows for both options on a single rate measure. This fix also included an update for CMS qpp specification reference to source 2024 data, which will be required in August 2024 for testing. This fix also addressed performance issues on dqm4IT to make tests quicker and categorization more clear.

Previously, when importing a Procedure through the CDA Exchange+ module, if the Procedure statusCode element had a nullFlavor of UNK, this would be represented in the FHIR resource with a data-absent-reason extension. Now, the status field will be populated with the code unknown.

Previously in the CDA Exchange+ module, when a Practitioner was mapped from a Note Activity participant a new Practitioner resource was created every time rather than looking up to see if the resource already existed. This has been fixed.

Previously, performing a cross-partition reference search would not find the expected resource(s). This has now been fixed.

Previously, the CDA Exchange+ module was not correctly translating subscriber relationship codes in the Coverage.relationship field. This has been fixed.

Previously, the CDA Exchange+ module was retaining the display text of the source coding when importing a CodeableConcept. The display text of the translated coding will now be used where appropriate.

Previously, when exporting a Coverage through the CDA Exchange+ module, the code element would be omitted if the concept in Coverage.relationship could not be translated to a corresponding concept in the CDA value set. Now, the code element is present, and populated with a nullFlavor of 'OTH'.

Previously sending large (20MB+) messages to channel import would result in a JSON deserialization error. This has been fixed.

Previously, attempting to store resources with common identifies but different partitions would. This has been fixed by adding a new new configuration option to store resources with duplicate identifiers across partitions

Fixed a bug that allowed users to bypass 2-factor authentication when 2fa is required for user login.

Fixed a bug that would sometimes have 2FA codes being displayed without prepended 0s. This has been fixed.

As a consequence of jakarta migration (release 2024-02), WAC would no longer support basic authentication when SAML authentication is enabled on the endpoint. This issue has been fixed.

Previously, a booting Subscription module created and exported a Bean of type SubscriptionTopicLoader only for FHIR version 4B and R5 which lead to ERROR entries in the start-up logs. This issue is fixed.

$invoke-export operations would result in some errors being logged. This didn't break functionality, but the logs have been mitigated to appear less frequently.

Previously, when attempting to view a Camel module that contains a #{} delimiter in the Camel Routes text box, the WAC would go blank. This has now been fixed.

Previously, the {module_id}/template/{template_id}/apply and {module_id}/{resource_type}/{resource_id}/apply endpoints were not working for the CDA Exchange+ module. These have now been hooked up correctly.

Previously, the CDA Exchange+ module would encounter an error processing section-level notes with a legal authenticator. This has been fixed.

Previously, if Audit Log was enabled and set up to write logs to the Cluster Manager database, performing search on the Audit Log page in the Web Admin Console generated SQL queries that could cause timeouts. This issue has been fixed.

Register prior auth module on Cds Hooks Endpoint using module ID

2FA codes produced by smile should match what authenticator apps produce, regardless of time zone or other issues.

Previously, attempting to archive a module would result in no visible result, but an error in the logs. This has been fixed.

A fix to address observed dqm batch-job performance regression in step 2 of processing measure evaluation.

Previously, the CDA Exchange+ module documentation contained implementation guide specific sample scripts. Sample script has now been fixed to work with all IGs.

Previously, when ingesting a message in the HL7v2 Inbound Module over HTTP, the transaction log would fail to record the remote IP address. This has now been fixed.

Previously, for a FHIR gateway target, the default socketTimeoutMillis and the connectTimeoutMillis were 10000 instead of the intended default of 60000. Furthermore, setting these options explicitly in the target configuration was not taking effect. These issues have now been fixed. If provided, the values from the target configuration are respected, and the default is 60000.

Previously, the CDA Exchange+ module would throw a NPE if the Mental Status section contained an Observation where code.coding.code was not populated. This has been fixed.

Previously, the CDA Exchange+ module would not map AllergyIntolerance.type and AllergyIntolerance.category to the proper Observation value. This has been fixed.

The warning at startup if the db.hibernate_search.mode config setting is set to LUCENE_DISK was changed to indicate that it cannot be used in a clustered environment.

Previously, the CDA Exchange+ module would throw a NPE when trying to import a CDA document with the plan of treatment section. This has been fixed.

Previously, the versioned_references.allow_at_paths configuration property had a default value that used comma delimiters. However, this value is whitespace delimited. This has now been fixed.

Previously, FHIR Web was using the old Smile CDR logo. This has been fixed as it's now using the Smile Digital Health logo.

Previously, if a CDA_PRE_IMPORT or CDA_POST_IMPORT pointcut was defined and the operation used the new CdaToFhirConversionResultJson, a NullPointerException was thrown. The issue is fixed.

The prior auth module will now overwrite the existing extension of a DomainResource with the response generated from the CQL engine.

Previously, when using a JavaScript callback script to replace the Bundle.entry.resource part of an HL7v2 Mapper response, some resource fields, such as Patient.name, were duplicated. This has been fixed.

As part of the migration from LOB, a regression was introduced where an endpoint configured as a SMART on FHIR server would fail token generation when using Postgres. The issue is fixed.

The Transaction Log Processing Time was not populated for FHIR requests. This has been fixed.

Previously, when importing a CDA document through the CDA Exchange+ module, the subject field would not be populated in a ServiceRequest resource derived from a Planned Act entry. The subject is now populated correctly.

Previously, an Hl7v2 Inbound module boot up process attempted to create non-partitionable resources outside of the default partition. The issue is fixed.

Authenticating an access token with claims would log warnings. This has been fixed (no warnings will log).

The prior auth module will add the ext-coverage-information extension to the requesting order list of extensions, or overwrite it if it already exists in the order.

When editing a module and selecting dependencies, archived modules would be returned. This bug has been fixed.

Previously, the CDA Exchange+ module would encounter a DataFormatException when trying to export a Plan of Care section containing any resource type other than Service Request. This has been fixed.

Previously, the CDA Exchange+ module was not rendering Conditions as entries in the Problem section as part of the export operation. This has been fixed.

In the CDA Exchange+ module, when exporting data from the attachment datatype, if the Base64-encoded data can not be safely decoded, it will be left in Base64 format. Previously, in this scenario, the transformer was not outputting a representation attribute to declare the encoding. This has been fixed.

Previously, the CDA Exchange+ module would encounter a DataFormatException when attempting to format a root-level Note entry in the Procedures section of a document. This has been fixed.

Previously, when importing a CCD with a Sexual Orientation entry or Gender Identity entry with no value to be mapped on import, the dataAbsentReason is not being populated. This has been fixed.

Previously, a user without proper permissions was able to click on the disable/enable button for TFA on their account from the profile page. This issue is fixed.

Added Camel module documentation about needed library dependency for health checks.

$qpp-build bug fix for measurementPeriod validator method and handling of MeasureReport.population-code of 'numerator-exclusion'. Fixed invalid request example for $evaluate-measures in documentation. Fixed distributed $evaluate-measures bug where error is thrown when 'reportType' parameter is populated with 'null'.

Previously, performing a DELETE with _expunge=true on MongoDB with partitioning enabled on PATIENT_ID mode would throw an error message saying 'No Partition support for Mongo DB', despite partitioning being supported on PATIENT_ID mode with sharding. This has now been fixed.

Previously, invoking operation $evalutate-measure on a data set large enough to trigger batch size processing could generate an internal error and fail the operation. This issue is fixed.

Previously, the persistence module was failing to start when MegaScale was enabled and a package was being pre-seeded. This has now been fixed.

Previously in the CDA Exchange+ module when exporting a CCD with a History of Medical Device use section, a nullFlavor was output even though the section contained entries. This has been fixed.

Previously in the CDA Exchange+ module when importing a CCD with a Family Member History section, no FamilyMemberHistory resources were created for entries. This has been fixed.

The sample docker-compose.yml file in the Docker Quickstart Guide has been updated to specify an image platform.

Elastic APM has been deprecated, and will be removed in 2024.11.R01. Please use the OpenTelemetry Integration instead.

Debezium support (CHANNEL mode) for Realtime Export has been deprecated, and will be removed in 2024.11.R01. POINTCUT mode will remain available.

Backported from: 2024.11.R01

MegaScale is only supported in REQUEST_TENANT Partition Selection Mode. Using a different Partition Selection Mode could result in storing inconsistent data in the database. This change prevents a Storage Module from starting if MegaScale is enabled and Partition Selection Mode is set to anything except REQUEST_TENANT.

Backported from: 2024.08.R01

This release supports zero-downtime upgrades on Azure Sql Server

Backported from: 2024.08.R01

As a consequence of jakarta migration (release 2024-02), WAC would no longer support basic authentication when SAML authentication is enabled on the endpoint. This issue has been fixed.

Backported from: 2024.08.R01

Previously sending large (20MB+) messages to channel import would result in a JSON deserialization error. This has been fixed.

A new experimental module called EasyShare has been added. This module implements the emerging SMART Health Link standard, allowing IPS documents to be shared using a QR code.

The FHIR Gateway module will now more faithfully propagate errors returned by target servers back to the calling client. See Error Handling for more information.

The CDA Exchange+ module will throw an error if relying on a persistence module with partition enabled and partition mode set to PATIENT_ID.

The CDA Exchange+ can now parse and format function status observations as self care activities and functional status observations

The experimental CDA Exchange+ module will now populate FamilyMemberhistory.deceasedDate if information is available at (...).organizer.subject.relatedSubject.subject.sdtc:deceasedTime of a Family History Organizer (V3).

The experimental CDA Exchange+ module now supports the Nutrition section as a text-only section.

The experimental CDA Exchange+ module now supports CDA Mental Status section mapping to Observation resources.

The experimental CDA Exchange+ module now supports the Advance Directives section as a text-only section.

Added transaction log support for the CDS hooks endpoint.

Updated Grafana dashboard templates with descriptions of Grafana charts.

Updated Grafana dashboard templates to support new PROMETHEUS_V2 metrics format. Added support of metrics differentiation by Node ID and Process ID for Grafana charts.

Metrics format PROMETHEUS_V2 is introduced for the metrics endpoint. In this new format, node_id, process_id and module_name labels are added to metrics to differentiate them by Node ID, Process ID, and Module Name. See Fetch Local Metrics for more information.

Documentation was added for remote terminology $lookup and $translate operations.

The experimental CDA Exchange+ module now supports the Assessment section.

Added batch job framework for the $invoke-export operation to the System-to-System Data Exchange module.

Added a way to obtain an auth token for $member-match and $export requests in system to system data exchange module.

Added a step to the $invoke-export batch job that will call $member-match on the responder server. This feature is experimental.

Added a step to the $invoke-export member match job that will poll on export. This is a stop-gap step for V1 and will be updated accordingly. This feature is experimental.

Added a step to the $invoke-export batch job that will handle response of $export call on the responder server. This feature is experimental.

Added a step to the $invoke-export batch job that will transform the imported binaries into resources.

Added a step to the $invoke-export batch job that will finalize the results of the batch job. This feature is experimental.

Previously, attempting to run $cda-import set to binary_storage.mode=DATABASE_BLOB resulted in a database constraint error when attempted to save the document. This blocked a second error with processing a FHIR Enumeration. Both errors have been fixed.

Added support for new POLL_WAITING workchunk statuses for batch jobs.

Added MongoDB support for changes on GATE_WAITING state in the Hapi-Fhir Batch2 framework.

A Camel broker consumer and producer has been added, which knows internal Smile message topics, allowing to simply reference them by name. See the HTTP Server Setup documentation for more information.

Added new public interface to the cdr-public-api called IPublicBrokerSender. This allows customers to send simple string messages to the cluster-configured broker. Refactored the Camel broker processor to make use of it as well.

The CDA Exchange+ module vocabulary translation service now supports the ability to explicitly map a code to no matched value, resulting in the corresponding field being left unpopulated. This capability has been used in the mappings for AllergyIntolerance.type and AllergyIntolerance.category.

The CDA Exchange+ module now uses Value Set uris instead of Code System uris to determine the target scope of a vocabulary translation.

In the experimental CDA Exchange+ module when exporting an AllergyIntolerance resource if the clinical status is set to 'resolved' we will now set the CDA observation effectiveTime/high element with a nullFlavor of 'UNK'.

Changed the javascript execution environment CompositionResourceProxy API to allow adding attesters and events to the Composition within javascript functions.

Several enhancements have been made to the FHIR Gateway module:

• Update/Create operations are not currently fully aware of prefixes assigned to the target, resulting in invalid resources being sent to the target. This has been corrected.
• A logger at info level currently logs every transaction through the gateway, which hurts performance. This has been reduced to DEBUG level.

Added System-to-System Data Exchange to Feature Comparison Summary to specify that it is not supported on MongoDB.

In the experimental CDA Exchange+ module, when importing a CDA document, any Planned Immunization Activity entries found in the Plan of Treatment section will be converted to MedicationRequest resources and linked to the CarePlan resource.

The experimental CDA Exchange+ module now supports the Instructions section as a text-only section.

In the experimental CDA Exchange+ module, when importing a CDA document, any Planned Medication Activity entries found in the Plan of Treatment section will be converted to MedicationRequest resources and linked to the CarePlan resource. When exporting a CDA document, any MedicationRequest resources found linked to the CarePlan will be rendered as Planned Medication Activity entries.

Added additional comments in the custom logging files provided in the customerlib folder and also the documentation discussing this aspect of the server.

In the experimental CDA Exchange+ module, the USCDI v1 plugin now produces MedicationRequest resources from planned immunization activity conforming to US Core 5.0.1 within CDA Plan of Treatment section.

In the experimental CDA Exchange+ module, the USCDI v1 plugin now produces MedicationRequest resources from planned medication activity conforming to US Core 5.0.1 within CDA Plan of Treatment section.

In the experimental CDA Exchange+ module Non Medicinal Supply Activity template embedded within CDA Medical Equipment sections are now mapped as Device resources.

Added OpenTelemetry tracing for camel routes

In the experimental CDA Exchange+ module Problem Observations coming from the CDA Problems section are now the source for Condition content when duplicate Problem Observations are encountered.

Previously, the HL7 v2.x inbound processor used a combination of ORC-2 and RXA-2 to populate MedicationAdministration.identifier. This has been preserved as default behaviour, and a new property called Use ORC-3 as Primary Identifier has been added. When enabled, ORC-3 will be used instead of ORC-2 when populating MedicationAdministration.identifier.

A sample project illustrating how to develop an IPS Generation Strategy has been added to the Smile CDR documentation.

Updated the experimental CDA Exchange+ module to support bidirectional mapping procedures with CDA Procedure Activity Observation template

Adding new configurable PAS module Payer Organization parameter.

Added a quickstart guide for setting up System 2 System Data Exchange / Payer to Payer transfers.

Added a diagnostic warning to module System to System Data Exchange when the Storage property auto_create_placeholder_reference_targets is disabled.

Enhanced the resource creation step in the $invoke-export batch job with placeholder ids.

On the FHIR Gateway module, it is now possible to disable paging links entirely on specific search routes.

DocumentReference ids will now be added to the Task.output of the Task returnd from the $invoke-export call.

dQM module hardening of resource validation, testing scenarios, and more meaningful error handling for invalid resources and operation parameters. This also provided a fix for issue ticket 5674 where the same population of subjects queried was getting inconsistent results. Enhanced batch2 evaluate to process empty MeasureReports without error to match non-async behavior. We added more metaData to batch2 to retrieve records processed qty. Improve readability of qpp-build feature by breaking into respective classes for functionality

A new optional setting called Narrow Conditional URL Search Scope has been added. This setting automatic search URL narrowing to also be applied to conditional URLs such as conditional create and conditional update URLs.

A new setting has been added to the SMART Outbound Security module which prevents user sessions from being reused between multiple Authorization Flows.

Add support for migrating separate audit and transaction log schemas with smileutil.

The experimental CDA Exchange+ module now supports mapping to and from CDA Assessment Scale observation template within the CDA Social History section.

Refreshed Clinical Reasoning documentation to rebrand to 'Quality Improvement' and provide additional example resources, example requests/responses, parameter breakdowns, and mapping for modules with clinical reasoning operations. Also implemented several more interconnected links to guide users to documentation more seamlessly and inform users of additional operation use cases. This also changes naming of 'Async' Evaluate Measure to 'Distributed Evaluate-Measure'.

Added support for passing partitionId as a parameter to Smile Camel processor bundleProcessor.

An Hl7v2 RXC-2 segment (component code) can now be mapped to a CodeableConcept resource instead of a Medication resource. See property Medication Component Mode.

The experimental CDA Exchange+ module will now transform the assignedEntity elements within the authenticator, legalAuthenticator and documentationOf/serviceEvent/performer elements of the header into Practitioner resources.

The experimental CDA Exchange+ module will now populate Identifier.assigner with a reference to an Organization resource instead of just capturing the name of the organization as display text.

Added functionality to System to System Data Exchange module that will allow OIDC Servers to be created from a seeding file on module startup.

Previously, the FHIR Gateway would not correctly page if there was a mismatch between a target's defined baseUrl component, and that target server's fixed endpoint URL. e.g. if a target was defined at localhost:8000, but that server advertised itself as http://myfhirserver.com, then pagination would fail. This change adds a new field to the Gateway Configuration Document's target component, called fixedEndpointUrl.

Update the Channel Import module to allow messages for the experimental CDA Exchange+ module.

Update to the latest version of the Clinical Reasoning module to support the PA PoC. This includes the following changes:

• Updated the Clinical Reasoning documentation.
• Added support for additional parameters on operations.
• Added StructureDefinition/$questionnaire operation.
• Add ability to generate PlanDefinition/$apply results with unique ids.
• Resolved issues with Questionnaire item generation during PlanDefinition/$apply.
• Resolved issues with some request resources not generated correctly from ActivityDefinition/$apply

smilecdr start script now allows default OpenTelemetry java agent configuration file to be overridden with 'OTEL_JAVAAGENT_CONFIGURATION_FILE' environment variable. Also, the default configuration have been changed to use the stable semantic conventions for HTTP spans, capturing the 'X-Request-ID' HTTP response header as an attribute in HTTP spans.

Added support for FHIR Gateway $meta-add and $meta-delete operations.

Updated the System to System Data Exchange module's quick start guide to indicate the requirement of a FHIR Endpoint on the OIC Server. Added additional code level validations to ensure these criteria are met.

Gateway pagination tests were added to validate a wider variety of gateway and target server configurations as large number of target servers and different target server pagination sizes.

An OpenTelemetry span is now generated for any JavaScript callback execution. Such spans are named as 'smilecdr.javascript_callback'. The name of the JavaScript callback function is available as a span attribute named 'smilecdr.javascript_callback.function_name'.

Add additional Clinical Reasoning operations $collect-data and $data-requirements to CDR & Hapi to expand capability for dqm module users. These operations will assist users in identifying data requirements for evaluating a measure, and what data was used for a measure evaluation. We have also updated the 'Quality Improvement' documentation to support the new operations. As well as added multi-threading capability and configuration for Care-Gaps operation in addition to supporting documentation. Additional measure Evaluator documentation to explain scoring methods, basis, and evaluator algorithm

As part of the migration from LOB datatype, provided the capability to configure whether data should also be persisted to lob columns.

If a user with the FHIR_OP_INITIATE_BULK_DATA_EXPORT_PATIENTS attempts a type-level patient export, that request will now be automatically narrowed to the patients for which that user has permissions.

Migration from the LOB datatypes for audit and transaction logs. Further changes will be made in subsequent releases to eliminate all use of the pg_largeobject table. This change preminently affects users of Postgres database but should yield performance boost for MSSQL as well.

Update the format of the date to always show the date and time.

Enable MDM license restrictions.

Removed optional dependency of FHIR Endpoint module on Websocket Subscription module. This dependency was only used to add websocket subscription endpoint details to the Capability Statement (and introduced a risk of an invalid dependency cycle). Instead, the Websocket Subscription module now automatically registers a new Capability Statement Filter on the FHIR Endpoint when it starts up (following a similar mechanism to how modules register Resource Providers on the FHIR Endpoint.) Note as a part of this change, websocket subscription endpoint details are no longer included in the Capability Statement for DSTU2 repositories.

Remove MdmPlaceholderInterceptor and RealtimeExportPlaceholderInterceptor from persistence module. These are no longer required since module plugin dependency was introduced and modules are now started in two phases.

Previously, processing SIU^S13, SIU^S14, SIU^S15, SIU^S17, SIU^S26, OMG^O19, ORM^O01, ADT^A30 HL7v2 messages appeared as Unknown Message Trigger in the transaction log. This has been fixed.

Previously, a user missing authorization to manage batch2 jobs could cancel or restart jobs from admin json. This has been fixed.

Previously, displaying the body of a transaction log with a long line would cause the side panel to resize in a way that would make information hard to access. This issue has been fixed.

Previously, Grafana Dashboard JSON files downloaded from module metrics page in Web Admin Console had incorrect dashboard titles. This issue has been fixed.

Previously, when setting a custom context_path in admin web, when a session expired and a user clicked on a link, they were redirected to the root of the signin page without the context path, resulting in a 404. This has been fixed.

A regression was introduced in 2023.05.PRE-09 which caused users who authenticated with IAM auth to fail to boot. This has been fixed.

A regression was introduced in 2023.05.PRE-09 which caused users who authenticated with AWS Secrets Manager to fail to boot if they did not provide a value for the password field. This has been fixed.

MegaScale now supports loading Subscriptions from tenant shards, in addition to the default shard.

Previously the lastConnectedTime displayed in the Administration Console showed date/time in UTC. This has now been corrected. Date and time are displayed according to the local time zone.

Special handling has been added to the CDA Exchange+ module for several fields where nullFlavor='UNK' should be converted to a code in the target ValueSet rather than a data-absent-reason extension.

Previously, the experimental CDA Exchange+ module support for the Instructions section was not working for the export path. This has been fixed.

Changed the status used in the Task related to $invoke-export batch jobs. Added Extension to the Task which contains the value of the related batch job instance id.

Updated the $member-match input parameters from "oidcServerId" -> "sourceIssuerUrl". Will now use the token endpoint from the configured oidcserver's .well-known endpoint for authentication.

In the experimental CDA Exchange+ module extra Encounter resources were being created when an encounter element was found in the Notes section of the CDA document. This has now been fixed.

Previously, while processing HL7v2 XCN segments, multiple given names would map to a single given name. This has been fixed.

Previously, we could not access fields via path for segments returned by HL7 v2.x JavaScript function findSegments(...). This has been fixed.

As a consequence of jakarta migration which took place in 2024-02 release, some endpoint URLs stopped working. This has now been fixed for admin-json and admin-web modules.

Previously, restarting a module had the Web Admin Console displaying that the module and its dependent are stopped when they are in a running state. This has been fixed.

The Runtime Monitor charts in the Web Admin Console failed to load if a non-default context root was specified. This has been corrected.

When the validation data seeding has a disable pattern of *, and Automatically Create Placeholder Reference Targets is enabled, Smile CDR will no longer automatically create a Search Parameter for searching placeholders, since this causes thrashing as the system tries to create and disable this search parameter.

The Search Parameter Seeding: Disable Patterns will no longer disable custom search parameters which have been added to the database.

Previously, an ADT^A29^ADT_A21 would fail to make a Patient resource as inactive. This is has been fixed by ensuring the operation results in a FHIR transaction PATCH.

In the experimental CDA Exchange+ module, trying to export a patient with a name with 'use' set to 'official' resulted in a error with a null pointer. This has now been fixed

the $export call in the member match flow was using the Patient instance operation (ie, /Patient/{id}/$export. This is Smile specific and not part of the spec. It has now been updated to use type-based operation (ie, /Patient/$export) with the patient id being a part of the parameters instead to be spec compliant. Removed sourcePatientId from $invoke-export endpoint.

In the experimental CDA Exchange+ module, exporting a Planned Medication Activity would result in missing effective time mapping and possibly an incorrect null flavor output on dose quantity. This has now been fixed

When starting up multiple instances of a FHIR Storage (RDBMS) module at the same time (e.g. in a cluster), the search parameter seeding module could sometimes collide across the processes and cause some or all processes to fail to start. This has been corrected.

When the FHIR Gateway module was making outgoing HTTP connections to target servers, it could get blocked waiting for a connection from an internal connection pool that was inadequately sized. This has been corrected.

FHIR Gateway responses will now include an X-Cache header in the response if the response was served by the Gateway Cache.

Previously, HL7 V2 sender/out was encoding all outbound messages with the default encoding of ASCII. This was causing improperly rendering of data with non-English language characters as ???? in the outbound HL7 v2. This has been fixed by sending all outbound messages as UTF-8 instead and by marking MSH-8 as UNICODE UTF-8 for all MSHs that have not been preserved from HL7 v2 listener/inbound messages.

Previously, if an optional persistence dependency was set on the Smart Outbound module, the Fhir object was undefined in the JavaScript Execution Environment. This has been corrected and now the Fhir object properly provides FHIR operations in the Smart Outbound module from the linked persistence module.

A regression in Smile CDR 2024.02.R01 meant that in a multi-node configuration, UI would only display modules hosted on the same node as the web admin console. This has been fixed.

Previously, if an Admin Web module was configured with a custom context path, some docs CSS and JavaScript would start working incorrectly, resulting in a sub-optimal appearance compared to admin webs configured with the default context path. This has been fixed.

Previously, attempting to run $docref with CDA Exchange Plus set to binary_storage.mode=DATABASE_BLOB resulted in a database constraint error when attempted to save the document. This has been fixed.

Updated System to System Data Exchange module's documentation. Corrected a bug to make 'Reference System used by Target Patient' a required (not optional) config.

The HL7 v2.x inbound processor was incorrectly populating Encounter participants of type ATND with a display of attending. This has been corrected to use the display attender as per the following code system: http://terminology.hl7.org/CodeSystem/v3-ParticipationType

In FHIR Gateway, if a target server returns a total size lower than the size of the matched resources, we previously truncated resources down to the provided total value. We now detect this edge case, and infer that the true total is at least the size of the matched resources in the provided bundle.

Previously, if the CDA Exchange+ module encountered an entryRelationship to an unexpected child entry, it would sometimes not skip to the end of the unrecognized element, resulting in unpredictable parse outcomes. This has been fixed.

Previously, when enabling 'new_session_for_each_flow.always' for SMART out, a login triggered from a SMART app would invalidate the session, requiring the user to re-login continuously. Additionally, once the first issue was resolved, clicking 'authorize` on the Approve would have invalidated the session and required the user to log back in. Both issues have been fixed.

In the experimental CDA Exchange+ module multiple Problem Observation templates within the CDA Encounter Diagnosis section were being merged into one Condition resource. This has now been fixed by creating a separate Condition resource for each Problem Observation.

Previously, cdr could not properly send resources to a Subscription destination with cross-partition subscriptions configured with PATIENT_ID partitioning. This has been fixed.

Previously, the CDA Exchange+ module was applying different mappings to the Product Instance template depending on where it occurred in the CDA document. These diverse mappings have been consolidated.

Previously, running two consecutive bulk system export against a FHIR endpoint backed by a MongoDB storage module with PATIENT_ID partitioning enabled would fail with a MongoWriteException with code 11000. This has been fixed.

Gateway pagination service when configured with 100 targets was returning JWT tokens with size exceeding 30K. This has been fixed by compressing the JWT, which reduced it to the order of 10% of previous size.

Previously, FHIR Gateway would incorrectly infer a search mode of MATCH for bundle entries which omitted the search mode. Now, search modes are propagated directly from the targets to the client.

Previously, an Hl7v2 RXA-5 segment (administered code) could be mapped to a standalone or contained Medication resource based on property Use Standalone Medications with Give Code instead of property Use Standalone Medications with Administered Code. Previously, when handling RXC-2 segments as contained Medication resources with parent RXE-2 or RXA-5 as standalone Medication resources, the parent resource was incorrectly assigned, resulting in a bundle validation exception. These issues have been fixed.

A previous fix to allow using web context path without an ending slash broke the admin web module login sequence. This has been fixed.

Gateway pagination was failing to set proper requests to target servers when more than one server needed to paginate to fulfill the first requested page. This is now fixed.

Previously, $invoke-export member match job mistakenly used property identifier_system_for_local_patient instead of identifier_system_for_original_id for identifiers to store the original ID of the imported resources. This has been fixed.

Previously, when importing multiple documents in parallel through the CDA Exchange+ module, very rarely a section derived from one input file would end up added to the Composition derived from a different file. This has been fixed.

Previously, $invoke-export job did not correctly reference the DocumentReference resources which contains the imported Binaries. This has been fixed.

Previously, the Quick Start Guide for the System-to-System Data Exchange Module was missing a step to enable Index Missing Search Parameters property on the source server. This has been fixed.

Fixed a regression introduced in the ValueSet-based vocabulary translation enhancement that was preventing CDA fields of data type CS from translating correctly.

Previously, adding a partitionId parameter to the Camel bundleProcessor would throw a HibernateException when MegaScale was enabled. This has been fixed.

Fixed a bug throwing an authentication error during System to System Data Exchange module's diagnostics check.

Smile will no longer log warnings if a user is given the permission FHIR_OP_INITIATE_BULK_DATA_EXPORT_PATIENT without any arguments (or with a blank argument).

Previously, the CDA Exchange+ module was attempting to store Audit logs of the original CDA documents that were imported. However several ingest routes have no defined users (e.g., during channel import), causing a failure of storage of an Audit Event. These audit events have been converted to being Transaction Log Events, which are more suitable to this type of operational need.

Previously, a fresh installation of cdr on an Oracle database would fail with ORA-01408: such column list already indexed. This has been fixed.

Added additional diagnostic checks for required properties for System to System Data Exchange module.

Previously in the experimental CDA Exchange+ module, the CDA Note Activity author section was not mapping between representedOrganization and DocumentReference.custodian. This has now been fixed.

Deprecate role FHIR_OP_INITIATE_BULK_DATA_EXPORT_PATIENT and replace it with FHIR_OP_INITIATE_BULK_DATA_EXPORT_PATIENTS, which takes a comma-separated list of patient IDs for compartments and either * for all resources or a space-separated list of resources (ex 1: Patient/123,Patient/456 *) (ex 2: Patient/123,Patient/456 Patient Observation Encounter). Also, introduce FHIR_OP_INITIATE_BULK_DATA_EXPORT_ALL_PATIENTS, which allows the user to export all resources without any restrictions.

In the CDA Exchange+ module, the mappings for the Family History section have been updated to correctly capture the condition code.

Fixed a bug where BulkExports at Patient/Group level would be incorrectly treated as System level if no ids were provided, giving the caller more privileges than intended.

Changed BulkExportJobInitiationSecurityInterceptor's pointcut from STORAGE_INITIATE_BULK_EXPORT to STORAGE_PRE_INITIATE_BULK_EXPORT to ensure order of interceptors and no collisions with permission checks.

Previously in the experimental CDA Exchange+ module, data that was imported of type 'xsi:type=CO' would not get exported in the same manner. This has now been fixed.

Previously, it was possible to execute the $delete-expunge operation on a resource even if the user did not have FHIR_DELETE_ALL_OF_TYPE permission for the given resource type. This has been fixed.

Upgrading the internal kafka libraries caused a regression in which explicitly set null values for configuration would cause Application Context loading failures. This has been corrected.

The CDA Exchange+ module was failing to render the Advance Directives section. This has been corrected.

Previously, since the 2023.02 release, during Hl7v2 processing, the allergen severity code moderate code could not be mapped and was throwing an error saying the code was unknown. This has been fixed.

Previously, the CDA Exchange+ module was not populating the field Composition.attester.mode for imported documents. This has been fixed.

Previously in the experimental CDA Exchange+ module when importing the Functional Status section of a CDA document only the resources from within the organizer template are mapped. This has been fixed.

Previously in the experimental CDA Exchange+ module when the value is not a coded value, it will not map. This has been fixed.

Previously in the experimental CDA Exchange+ module when exporting functional status there was several mappings for organizer that were not working correctly or were missing. This has been fixed.

Permissions FHIR_EXPUNGE_DELETED, FHIR_EXPUNGE_PREVIOUS_VERSIONS, FHIR_EXPUNGE_EVERYTHING, FHIR_DELETE_EXPUNGE need to be explicitly enabled in order to perform the corresponding operations, as per Roles and Permission. Previously, the $expunge and $delete-expunge operations, as well as the delete operation with _expunge parameter were allowed for a user with ROLE_SUPERUSER or ROLE_FHIR_CLIENT_SUPERUSER enabled. This has been fixed.

Previously, exporting Procedure Activity Procedure using the experimental CDA Exchange+ module would cause code to not get mapped as nullFlavor if the data-absent-reason is set. This has been fixed.

Previously, transaction logs generated by an OIDC Client interacting with the server were not submitted to broker when one was configured. The issue has been fixed.

Fixed a gateway pagination issue where an exception was thrown when building the previous link when targets were removed by an interceptor.

Previously FHIR_OP_INITIATE_BULK_DATA_EXPORT_PATIENTS did not show up under ROLE_SUPERUSER in the documentation under roles_and_permissions.html. This has been fixed.

Previously, if you invoke the $expunge operation using more than one parameter (e.g. expungeDeletedResources = true and expungePreviousVersions = true) with a user that had only permission to one of them (e.g. FHIR_EXPUNGE_DELETED), the request would authorize the request. This has been fixed and should now be denied.

Previously, a fresh installation of cdr on an Oracle database would fail with ORA-01408: such column list already indexed. This has been fixed.

Previously, operation logs were filled with warning messages related to permissions requiring arguments. This undesirable behavior has been fixed.

Previously, evaluating permissions with optional parameters would generate unnecessary warning in logs. This has been fixed.

Backported from: 2024.08.R01

This release supports zero-downtime upgrades on Azure Sql Server

Backported from: 2024.11.R01

MegaScale is only supported in REQUEST_TENANT Partition Selection Mode. Using a different Partition Selection Mode could result in storing inconsistent data in the database. This change prevents a Storage Module from starting if MegaScale is enabled and Partition Selection Mode is set to anything except REQUEST_TENANT.

Backported from: 2024.05.R01

Several enhancements have been made to the FHIR Gateway module:

• Update/Create operations are not currently fully aware of prefixes assigned to the target, resulting in invalid resources being sent to the target. This has been corrected.
• A logger at info level currently logs every transaction through the gateway, which hurts performance. This has been reduced to DEBUG level.

Backported from: 2024.05.R01

On the FHIR Gateway module, it is now possible to disable paging links entirely on specific search routes.

Backported from: 2024.05.R01

The Runtime Monitor charts in the Web Admin Console failed to load if a non-default context root was specified. This has been corrected.

Backported from: 2024.05.R01

When the validation data seeding has a disable pattern of *, and Automatically Create Placeholder Reference Targets is enabled, Smile CDR will no longer automatically create a Search Parameter for searching placeholders, since this causes thrashing as the system tries to create and disable this search parameter.

Backported from: 2024.05.R01

The Search Parameter Seeding: Disable Patterns will no longer disable custom search parameters which have been added to the database.

Backported from: 2024.05.R01

When starting up multiple instances of a FHIR Storage (RDBMS) module at the same time (e.g. in a cluster), the search parameter seeding module could sometimes collide across the processes and cause some or all processes to fail to start. This has been corrected.

Backported from: 2024.05.R01

When the FHIR Gateway module was making outgoing HTTP connections to target servers, it could get blocked waiting for a connection from an internal connection pool that was inadequately sized. This has been corrected.

Backported from: 2024.05.R01

FHIR Gateway responses will now include an X-Cache header in the response if the response was served by the Gateway Cache.

Backported from: 2024.05.R01

Gateway pagination service when configured with 100 targets was returning JWT tokens with size exceeding 30K. This has been fixed by compressing the JWT, which reduced it to the order of 10% of previous size.

Backported from: 2024.05.R01

Gateway pagination was failing to set proper requests to target servers when more than one server needed to paginate to fulfill the first requested page. This is now fixed.

Backported from: 2024.05.R01

As a consequence of jakarta migration which took place in 2024-02 release, some endpoint URLs stopped working. This has now been fixed for admin-json and admin-web modules.

Backported from: 2024.05.R01

A regression in Smile CDR 2024.02.R01 meant that in a multi-node configuration, UI would only display modules hosted on the same node as the web admin console. This has been fixed.

Backported from: 2024.05.R01

A previous fix to allow using web context path without an ending slash broke the admin web module login sequence. This has been fixed.

Backported from: 2024.05.R01

MegaScale now supports loading Subscriptions from tenant shards, in addition to the default shard.

A regression in Smile CDR 2024.02.R01 meant that SAML token validation performed as part of the SMART on FHIR user authentication would fail. This issue is fixed.

This version of Smile CDR now requires a Java 17+ version of the Java JDK in order to run.

This version of Smile CDR now uses the JavaEE 9+ APIs, which have the jakarta.* namespace in place of the former javax.* namespace. This means:

• Any interceptors which depend on javax.* classes such as HttpServletRequest and HttpServletResponse must be upgraded to use the new versions of these classes.
• ActiveMQ users must upgrade to ActiveMQ 4.19.x as this is the first version supporting the new namespace.
• Infinispan users must upgrade to Infinispan 14.x.x as this is the first version supporting the new namespace.

Added ability to restore the configuration of a server to a given history restore point. Added the /{node_id}/restorePoints/{id}/restore endpoint.

Added Troubleshooting Logs Controller to the JSON Admin API, which allows fetching and updating troubleshooting log configuration in runtime.

The CDA Exchange v2 module offers a new and improved solution for importing and exporting CDA documents. See the documentation for full details. This experimental module is not available to all clients.

Added a Microsoft SQL Server JDBC URL option to the example in our documentation to trust the Server Certificate: trustServerCertificate=true

In the experimental CDA exchange v2 module, CDA document import will now support documents that contain encapsulated data elements and will map as FHIR Attachment data type where applicable.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces CareTeam resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces AllergyIntolerance resources conformant to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Condition resources conforming to US Core 5.0.1.

Add various improvements to the RTE schema generation including lowercase, underscores, correct column grouping and ordering among other enhancements.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces a Results section conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Encounter resources conforming to US Core 5.0.1.

Added MDM support for R5 persistence module.

Make CDA Exchange v2 partition aware. Namely, ensure Fhir JavaScript API methods now respect partition IDs for search()/read()/etc and neither cross the partition boundary nor error out.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Note resources conforming to US Core 5.0.1.

The CDA Exchange v2 module now supports import and exports of CDA note sections

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces MedicationRequest resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces CarePlan and ServiceRequest resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Medical Equipment resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Procedure resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now produces Immunization resources conforming to US Core 5.0.1.

FHIR Gateway did not previously support a target endpoint that returns non-Bundle resources. This has now been resolved.

The experimental CDA Exchange v2 module, when configured to use the US Core IG, will map between a CDA Social History section Birth Sex observation (2.16.840.1.113883.10.20.22.4.200:2023-05-01) and a FHIR extension (http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex) on the Patient resource.

Providing the capability for clients to supply the FHIR Gateway module with custom Resource and system operation providers. Documentation regarding Gateway custom operation providers can be found [here].(/docs/fhir_gateway/custom_operations.html)

The experimental CDA Exchange v2 module will render C-CDA R1.1 template ids where appropriate in generated CDA documents to indicate backward compatibility with earlier versions of the IG.

Capability to perform terminology translate operation was added to Hl7V2 inbound interceptors by allowing them to autowire an ITermConceptClientMappingSvc

Added an Hl7V2 inbound demo project showcasing the use ITermConceptClientMappingSvc to perform terminology translate operation.

Demo project and documentation was added to support use of BundleUtil in Hl7V2 interceptors.

Added reference to example project showcasing the use of ITermConceptClientMappingSvc in HL7V2 interceptors to perform terminology translate operation.

Added JPA configuration property to handle blocking of resource updates causing the resource to change Patient compartment and load interceptor to enforce that.

Added transaction logging capability to camel smile and custom procedures. See the Camel Smile Processors Overview for details.

Exposing the username/clientId of the user initiating a batch job through the Batch Job Status API.

Added the ability to fetch persistence module id associated with MDM via MDMUI config endpoint.

Authorization scripts on the SMART Outbound Security module can now add approved scopes to a session even if those scopes aren't declared on the client definition.

The experimental CDA Exchange v2 module will now persist CCDs as-received for auditing purposes. A corresponding audit log can be found on an attempted CDA import operation, and the location of the resultant DocumentReference resource containing the CCD will be included in the endpoint response.

The experimental CDA Exchange v2 module will now parse the narrative block text for linked text on import. Links that are referenced within a document section will be resolved in the FHIR resource(s).

The experimental CDA Exchange v2 module will now map Vital Signs Organizer entries onto nested sections in the FHIR Composition to support user-defined grouping of Observations.

Add a new boolean property for persistence module(s) to control resource filter based on status during package installation

Added a Microsoft SQL Server JDBC URL option to the example in our documentation to trust the Server Certificate: trustServerCertificate=true

Added a Terminology Troubleshooting Log that is useful for troubleshooting terminology mapping issues.

Address a few small bugs in dqm persistence module, as well as bump clinical reasoning version that has breaking changes from hapi-fhir

Previously, only beans of type org.apache.camel.Processor were bound to the Camel registry from user-defined Spring Configuration classes. Now beans of type org.apache.camel.AggregationStrategy and org.apache.camel.support.jsse.SSLContextParameters are also bound.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now handles blood pressure panel vital signs Observaton resources conforming to US Core 5.0.1.

In the experimental CDA exchange v2 module, the USCDI v1 plugin now handles blood oximetry panel vital signs Observaton resources conforming to US Core 5.0.1.

Added the ability to handle custom matching script to the $member-match operation.

Updated System to System Data Exchange module to register an interceptor that will populate the memberId, consentId, and consentResource on Bulk Export parameters.

Added Consent services to Persistence module. Updated System to System Data Exchange module to work with this new Persistence module Consent Service to allow filtering on Bulk Export operations invoked via $member-match operations.

Added the /Patient/$invoke-export endpoint. This endpoint will be available in the SystemToSystemDataExchange module.

Added logic to create Task when $invoke-export is called. Added an interceptor to prevent modifying or deleting Task resources managed by the System 2 System module.

Added the template apply operation in the experimental CDA Exchange v2 module

The experimental CDA Exchange v2 module has been enhanced to support the scenarios where a patient is a member of their own care team or an author of their own goal.

To improve the reliability of zero-downtime upgrade, a new environment variable CDR_UPGRADE_MODE has been introduced. When upgrading servers in a cluster, it is recommended that all of the old servers set CDR_UPGRADE_MODE to 'true'. This will prevent scheduled jobs from running on the old servers and pause all message processing from all broker channels (JMS Queues and Kafka topics) on those servers. Lastly it prevents old servers from being changed in the Web Admin Console. Once a server has been upgraded, CDR_UPGRADE_MODE should be unset so that normal operation can be resumed.

Added new experimental module, System to System Data Exchange. This module is the home for all future System to System communication, including Payer to Payer flow.

Updated consent validation for PDex auth flow to use consent.patient instead of identifier.

Trying to create or update an OAuth client will fail if Authorization Code or Implicit Grant are selected as Grant Types but no Redirect URIs are specified.

Added $member-match endpoint in accordance to PDex specification in System-to-System Data Exchange module.

In the experimental CDA Exchange v2 module, when a field of the FHIR model has a data absent reason extension and the corresponding CDA field is mandatory, the CDA export operation will populate that field with a nullFlavor attribute. Also, the vocabulary mapping between the data absent reason code system and the null flavor code system has been refined.

The CDA Exchange v2 module will now render a null flavour UNK in an exported CCD when the value of Patient.gender is "unknown" in FHIR.

Deprecated module types can no longer be created via the Web Admin Console or the JSON Admin API. Configurations (DATABASE or PROPERTIES mode) that already have these module types are not affected.

Added ability to instrument SmileCDR process with open telemetry java agent. The open telemetry instrumentation. is enabled by setting an environment variable called CDR_OTEL.

Mongo internal transaction processing now supports nested transactions.

Updated Smart Out security to add custom claims to the access token. Smile CDR also reserves any custom claims prefixed with "smile_". Attempts by third party scripts or interceptors to add custom claims prefixed with "smile_" is verboten.

Token parsing in Smile has been updated to handle custom claims. All claims will now be added to the UserSessionDetailsJson.

Added clarification on when you should consider upgrading Smile CDR using the smileutil migrate-database utility command, instead of allowing it to automatically perform the upgrade.

The new, experimental CDA module has been renamed to CDA Exchange+. In addition, the display text in the IG Support drop list in the administrative interface has been updated to make it clearer which IGs are supported by each option.

The experimental CDA Exchange v2 will store unstructured document bodies as Binary resources.

Retrieving FHIR-id of resources in batch2 mode of evaluate-measure had poor performance, this improvement allows for query level return of ids without the need to return resources back in a bundle iterator, which is 2x faster

In the experimental CDA Exchange v2 module, planned immunizations are now supported and will be persisted as medication requests.

The CDA Exchange+ module's coverage of the US CDI 5.0.1 profile now accommodates additional varieties of missing data for Patient.birthSex

In the experimental CDA Exchange v2 module, importing unsupported data types now results in the value being skipped, and where applicable a data absent reason is created.

In the CDA Exchange+ module, when parsing a Device that is implanted as part of a Procedure, the deviceIdentifier field will be populated by precedence from the Device Identifier component of the UDI Organizer entry in the CDA document.

In the experimental CDA Exchange v2 module, the USCDI v1 plugin has been updated to enforce cardinality rules in the Patient resource.

Added additional metadata to $evaluate-measure batch2 MeasureReport to assist with UI. Corrected CQL documentation error. Version bumped Clinical Reasoning version, which included new operation $evaluate. Additional api definitions and configuration for CR operations: $care-gaps, $cql, $submit-data

In the experimental CDA Exchange+ module, when attempting to map a code that does not match with one of the expected values in FHIR, a verbose error is logged and the mapping is skipped.

A new Transaction Log module has been added which strictly outputs transaction logs to a remote broker such as Kafka or ActiveMQ. It follows the same configuration as the Cluster Manager's broker transaction log configuration.

Add payer organization resources to payer bundle in prior auth crd module

A new Persistence Module config diagnostic message has been added that writes out a WARNING message regarding the use of automatic upgrades on a PRODUCTION system.

Log CQL response received in prior auth module

The FHIR Gateway module will now allow multiple target definitions to use the same Resource ID Prefix value, if those targets are not used on the same route.

The FHIR Gateway operation caching mechanism now caches FHIR read requests as well as the existing FHIR search and operation requests.

The FHIR Gateway module now supports FHIR transaction operations.

Log parameter object passed into CQL engine in CRD prior auth flow

Additional telemetry data has been made available regarding hl7v2 inbound message processing when Smile CDR is run with open telemetry enabled. A parent span named 'smilecdr.hl7v2.inbound_message.process', and 2 metrics ('smilecdr.hl7v2.inbound_message.count' and 'smilecdr.hl7v2.inbound_message.error_count') are now being generated.

When performing UPDATE operations through the FHIR Gateway module, the gateway currently first attempts a READ operation against each target in order to determine whether any of the target servers hold a resource with the ID being updated. This has been optimized so that this READ isn't performed if only one of the targets is capable of servicing the request, either because of configured resource ID prefix rules, or because of interceptor results.

Support for JDK11 has been dropped. JDK17 is now the minimum supported version.

Swapped from using javax.* to jakarta.* packages. This may be a breaking change for some users who write custom code against Smile CDR. Specifically, any users writing interceptors that leverage the JavaEE Servlet API will be affected. Please see the migration guide for more information.

The FHIR Gateway module caching mechanism now defaults to NONE (disabled) and must be manually enabled through configuration.

Transaction Log broker messages and JSON representation will now show the transaction's GUID as a property.

Previously when transaction logs were sent to Kafka, the Key of the message would be randomly generated, or set to the PID of the parent transaction log if available. Now, all implementations will use the transaction GUID as the key

Internal Smile CDR metrics have been disabled and deprecated. It is recommended to use Externalized metrics instead.

Changed the wording of roles and permissions header within the OpenID Connect Clients section on the Web Console

Previously, if the cluster manager was configured to store Audit Events asynchronously, there was a bug where very high load could cause java.lang.IllegalStateException: Queue full. This fix causes the calling thread to perform audit log storage if the queue happens to be full. The result of this that extremely high throughput will be limited by the speed of the audit log storage, but the system will not crash. This is a temporary fix until a more permanent solution is implemented in 2024.02.R01.

Previously, the HL7 v2.x inbound processor would continue transformations for RDE_O11 message structures where no ORDER groups were present. This has been fixed.

Previously for mongoDB with version lower than 6, when sorted queries consumed more than 10Mb of memory, they were throwing an exception. This has been fixed for versions 4 and up.

Smile CDR documentation for the HL7 v2.x SIU_S12 structure definition incorrectly identified support for the SERVICE and GENERAL_RESOURCE groups, and the AIS and AIG segments. This has been corrected.

Edited WebAdminUI so that archived module does not appear in drop down menu. Also disabled the ability to add a user to an archived module.

Previously in the experimental CDA Exchange+ when a call to $import-cda failed the server would return a 200 OK status code. This has been fixed.

Previously, when multiple custom @Configuration classes with the same name but different package were added to the Camel module, only beans from one @Configuration class were added to the application context. This has been fixed.

Previously, additional headers provided through a FHIR gateway pre-submit interceptor would not be forwarded to a target endpoint. This problem has been fixed.

Previously, a bulk export operation initiated with a '_type' parameters provided with the request URL would ignore the provided parameters. This issue has been fixed.

As per FHIR Spec Patient and Encounter resource types should not be present in the fhirContext array unless they contain a role other than 'launch', where the absence of a role property is semantically equivalent to a role of 'launch'. This fix ensures that these elements are not present in the fhirContext array and also changes the json serialization for the fields in the elements of the array so that the properties are printed correctly.

Previously, the list of PKCE code challenge methods supported by the Smile CDR built-in authorization server was not returned by the OpenID Connect metadata endpoint (/.well-known/smart-configuration). This issue has been fixed.

Previously, restarting module DQM would throw an exception. This issue has been resolved.

Previously LIKE queries against resources would perform poorly on PostgreSQL if the database locale/collation was not 'C'. This has been resolved by checking hfj_spidx_string.sp_value_normalized and hfj_spidx_uri.sp_uri column collations during migration and if either or both are non C, create a new btree varchar_pattern_ops on the hash values. If both column collations are 'C', do not create any new indexes.

When attempting to 'Download Grafana JSON' from the Runtime > Monitors and Health Checks > Cluster Overview page an error was thrown. Now, the grafana JSON downloads successfully.

In the experimental CDA Exchange v2 module, some of the default vocabulary mappings have been updated.

Previously bulk export operation was returning an empty response when no resources matched the request, which didn't comply with HL7 HAPI IG. This has been corrected.

MegaScale now supports loading Subscriptions from tenant shards, in addition to the default shard.

Webadmin Cache was set to 365 days, this meant that users would not see updates unless they cleared their cache. This has been fixed by reducing the cache period to 1 hour.

Previously, the HL7v2 Inbound module would not boot if realtime export through POINTCUT was enabled. This issue is fixed.

Previously, the FHIR Gateway module diagnostic would cause FHIR Conformance request failure on the target FHIR server. This has been fixed.

PROPERTIES_UNLOCKED propertysource resulted in an error when adding a new module and a loss of edits to a module. Both issues have been fixed.

Previously, the experimental CDA Exchange v2 module was generating duplicate copies of certain elements in the Goals section on CDA export. The extra elements have been removed.

Previously, the experimental CDA Exchange v2 module would throw an exception while formatting a Provenance resource if the recorded field is not populated. This has been fixed.

Previously, the web admin console was displaying resolved token values instead of the tokens themselves. This has now been fixed but booleans and dropdown selects will still resolve and display properly.

Previously, when restoring to a restore point it was possible to encounter an error when retrieving a config key from a module config key. This would occur as we were attempting to substring the key element out of the module config key, without fully validating that the provided key conformed to the expected format. This fix adds an additional check to ensure that the key starts with 'module.' before attempting the substring which prevents occurrence of StringIndexOutOfBoundsException.

In the experimental CDA Exchange v2 module, the core mappings for AllergyIntolerance.type and AllergyIntolerance.category have been changed to align better with implementer consensus.

When processing incoming HL7 v2.x messages, fields that are being converted to markdown have all punctuation characters escaped. This change fixes a problem with incorrect escaping of the comma character.

In the experimental CDA Exchange v2 module, the mappings for the Result Organizer entry have been updated so that when exporting a document, the value of the status field will be derived from the statuses of the contained Observations rather than being directly mapped from the DiagnosticReport resource.

Previously the experimental CDA Exchange v2 module did not set dataAbsentReason information on Observations when importing values with a nullFlavor. This has been fixed.

Previously, if client used the HTTP Basic authentication scheme to get an access token from Smile CDR built-in authorization server, it would receive an access denied error. This issue has been fixed.

Previously, the experimental CDA Exchange v2 module was not thread safe, and was encountering errors when trying to process multiple documents in parallel. This has been fixed.

Swapped dependencies from javax to jakarta in accordance with the migration to Jakarta EE. This is a breaking change. If you have any interceptors or beans which rely on javax imports, you will need to update them to use jakarta imports instead.

MDM expansion of search and $everything queries in a multi-tenant server may include results from other tenants if mdm matches cross tenant boundaries. Also, POST $everything queries didn't allow MDM expansion. MDM expansion will now only include matches within the current tenant. The $everything operation now supports the _mdm expansion flag on POST.

Previously, the Support Consent Filtering configuration item had no effect on the $member-match operation. This is now fixed.

Previously module environment variables of type: JavaScript, integers, and JSON would not be resolved. This is now fixed.

Previously, when removing a resource from the generated Bundle in the experimental CDA Exchange v2 module, a reference to that resource might be left behind in the Provenance resources. We now clean up these dangling references correctly.

Previously, an exception was thrown during the FHIR Gateway module shutdown process. This issue is fixed.

Previously, when encountering an entryRelationship element without a nested templateId, the CDA Exchange+ module would abort parsing and throw an exception. This has been fixed. The parser will now skip the invalid element and continue parsing with the next element.

MongoDB previously threw an exception when a canonical reference was used in a resource. MongoDB does not support canonical references. This fix adds a simple check to check if the reference is canonical and if so, does not attempt to resolve the reference.

The documentation now makes it clear that $trigger-subscription is not supported under MongoDB.

Previously the new experimental CDA module parsing of note document was skipping some required fields. This has been fixed

Previously trying to parse resources with attachment field with no content type in the new CDA plus module would throw an exception. This issue has been fixed.

Previously, the Javascript documentation would indicate that any Javascript method which returned a Set-String or List-String as returning a List-String. This change fixes the auto-generated Javascript documentation to correctly identify API methods as returning a Set-String instead of List-String where appropriate.

Previously the experimental CDA Exchange+ module set Provenance references on resources that might not exist in the bundle. This has been fixed.

Previously in the experimental CDA Exchange+ module when importing CDA documents with mandatory elements omitted, the parsing would not set the data absent reason extension on those fields. This has now been fixed.

Return an error response card if the CRD module is unable to process the resulting Request Group resource from the $apply operation

When updating permissionEnum value from previous value of 'FHIR_OP_CQL_EVALUATE_MEASURE' to 'FHIR_OP_EVALUATE_MEASURE' there were unintended outages in webadmin console and errors generated for any users associated to the deprecated value. This fix updates deprecated value to correct value

Previously, processing an ORU^R01 message in the HL7 v2.x Listening Module with a missing PV1-2 segment would cause a processing failure with an invalid request error. This has been fixed.

Previously, the AppSphere application had 'document.write' script in the 'index.html'. This code is considered as vulnerable to cross-site scripting (XSS) attacks. The 'document.write' script code is removed from 'index.html'.

Previously, obtaining an OAuth token would fail with a valid client secret if the OAuth client contained more than one secret. This has been fixed.

Added the previously-deleted smart-apps-host ModuleTypeEnum back in.

The FHIR Gateway module failed to perform search operations when authenticated using an OAuth2 Client Credentials grant type. This has been corrected.

Previously, the CDA Exchange+ module was not de-duplicating Encounter resources correctly. This has been fixed.

Previously, the CDA Exchange+ module might enter in infinite loop trying to parse a CD field with a comment embedded inside it. This has been fixed.

Previously, the MDM UI application had 'document.write' script in the 'index.html'. This code is considered as vulnerable to cross-site scripting (XSS) attacks. The 'document.write' script code is removed from 'index.html'.

Previously the default cache provider for the FHIR Gateway was set to CAFFEINE, instead of being disabled as per the documentation. This change sets the default value to NONE.

A bug was introduced where all enum dropdowns in admin web panel were incorrectly displaying !MESSAGE! rather than the intended message, this has been fixed

Related to 5592. Fix cross-site scripting vulnerability for any appSphere context.

Previously if a module was added in DATABASE mode and Smile CDR was restarted in PROPERTIES mode, the added module would be present in the admin console(stopped) and starting this module would throw an error. This fix ensures that in node.propertysource=PROPERTIES mode, only modules configured in the specified properties file are shown in the admin console.

Previously, a module that failed to perform environment substitution on a property value (#{env['username']}) during the module booting process would corrupt the module's properties. This issue has been fixed.

Previously the experimental CDA Exchange+ module would not populate ServiceRequest requester and authoredOn fields when importing a planned act. This has been fixed.

Previously, the CDA Exchange+ module was representing the issuer of the device identifier on a Device resource using an OID. This has been changed to use the equivalent URI.

Previously, the experimental CDA Exchange+ module had an incorrect mapping for the Social History Observation status code. This has been fixed.

Previously, PA CRD module used to query PractitionerRole via a TokenParam which caused issues retrieving the resource. This has been fixed.

Fix issue where the edit module page in the web admin page does not display localized text for enums

Fix issue where the authorship date was not being parsed when parsing fhir resources into CDA documents in the new CDA + module

Moved the payer resources for the CQL context to its own parameter within the cql request and added validation for provider prefetch resources in the prior auth module.

Previously, performing a search operation from a JavaScript environment with MDM search expansion enabled would raise an exception. This issue has been fixed.

Previously, the experimental CDA Exchange+ module was creating an incorrect reference when a CDA Procedure Activity Procedure entry had an explicit relationship to an encounter defined elsewhere in the document. This has been fixed.

Previously, the experimental CDA Exchange+ module was not correctly handling the scenario where an entry was accidentally or deliberately duplicated within a CDA document. The de-duplication algorithm has been enhanced to block by default the insertion of a resource into the generated bundle if it duplicates a resource that is already present.

Previously some configurations including option to load scripts or routes from text or file definitions were considering text definition first, which made using file definition hard when default text existed. This has been fixed and now file definitions take precedence to text definitions.

Previously, exceptions resulting from target invocation were not made available for processing by custom operation providers. This issue has been fixed.

Fixes MeasureReport measureScoring bug impacting any measures currently using denominator-exception population will incorrectly calculate the score without following specification. This fix adds an extension to MeasureReport Groups to capture calculated denominator and numerator to bring transparency to the measureScore calculation and act as a dataSource of measureScore instead of behind the scenes calculations. This also required a change to measureReport aggregation and qpp-build transformation to account for new extension. This also includes a bug fix for individual patients processed via batch2 evaluate-measure where patient reference was being concatenated with resource string incorrectly. closes client tickets SMILE-7977, SMILE-7952, SMILE-7799

Previously, mapping a ServiceRequest Resource to an OBR segment would fail due to issues in converting dates from a FHIR to HL7v2 format. This has been fixed.

Previously, an OAuth token request with an invalid token would wrongly return a 401 unauthorized error. This has been fixed by correctly returning a 400 bad request error.

A regression in Smile CDR 2024.02.R01 meant that SAML token validation performed as part of the SMART on FHIR user authentication would fail. This issue is fixed.

The Inline Storage Mode Below setting has been removed from the FHIR Storage (RDBMS) module, as it is no longer used.

Backported from: 2024.02.R01

Added the previously-deleted smart-apps-host ModuleTypeEnum back in.

Backported from: 2024.02.R01

Previously, the web admin console was displaying resolved token values instead of the tokens themselves. This has now been fixed but booleans and dropdown selects will still resolve and display properly.

Backported from: 2024.02.R01

Previously module environment variables of type: JavaScript, integers, and JSON would not be resolved. This is now fixed.