On this page:

1.2Changelog: 2019

 

Legend

A new feature
An existing feature has changed
A bug fix
A performance improvement
A security issue has been corrected

1.2.1Smile CDR 2019.11.R01 (Jitterbug)

 

Release Information

Released 2019-11-12
Codename Jitterbug
HAPI FHIR Smile CDR 2019.11.R01 is based on HAPI FHIR 4.1.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

Changes

Module configuration properties can now be pulled from mini JavaScript functions, which are able to fetch values from external sources. This can be used for example to retrieve database credentials from external vaults such as CyberArk Conjur.

When a module configuration entry has a property value containing a environment variable lookup (such as #{env['dbpassword']} which retrieves the value of the environment variable dbpassword) the value of that environment variable was previously stored in the database, meaning that the lookup only occurred once. It will now be stored in the configuration database using the environment expression, meaning that the value will be looked up upon each startup.

Added the following to the date picker in Transaction Log and Audit Log:

  • Hide reset filter button when no filters are set.
  • Set cookies to expire after 6hrs instead of 24hrs.
  • Added date range label to date picker display.

Inbound Security modules may now optionally declare a dependency on a FHIR Storage module that will be supplied to any callback scripts.

Added new Cluster Manager configuration option to choose to cache search results either in the database or in infinispan. The new infinispan option has three congfiguration parameters: infinispan server urls, infinispan cache name, and infinispan protocol version.

The frequency of three stats related database operations is now configurable in the Cluster Manager via the properies file. Three operations are: module status heartbeat, writing module timer and gauge stats to the database, and the cluster manager stats cleanup operation that deletes these metrics and replaces them with interval summary stats.

If a SMART client is allowed to request scopes such as patient/*.read or patient/*.write in its client definition, it will be automatically permitted to request scopes with a subset of these permissions, such as patient/Observation.read or patient/Observation.write.

A new method has been added to the SecurityInLdapAuthenticationContext object used by the LDAP Inbound Security module that allows authentication scripts to test group membership.

Requests to a FHIR Endpoint that are coming directly from FHIRWeb (as opposed to coming from the HTTP endpoint) will now have an attribute set in their RequestDetails object indicating this fact. This can be used by interceptors to make authorization decisions.

A new header called X-Request-Source can be used to supply the resource source information (the value that will be stored in Resource.meta.source) via an HTTP Request Header value.

A new extension has been added to the subscription replication mode called "ID Prefix Selector". This can be used to specify a pattern against which resource IDs are evaluated before determining that a prefix is needed.

Support has been added for the FHIR Bulk Export protocol! See FHIR Bulk Export for more information.

Added a new subscription config parameter that controls the names given to subscription delivery queues. This gives admins better control over the number of queues / topics created by Smile CDR.

Two new permissions have been added to the Smile CDR permission system: FHIR_WRITE_TYPE_IN_COMPARTMENT and FHIR_DELETE_TYPE_IN_COMPARTMENT. These two operations allow for specific types to be specified instead of simply specifying all resource types in the compartment.

Add new 'Earliest' LiveBundle keepers that work the same as the 'Latest' keepers, except it keeps the earliest ones instead of the latest ones.

Added LiveBundle support for requesting a bundle via multiple tracking ids.

Extend LiveBundle keepers to keep the last N instead of just the last one.

LiveBundle now supports sorting results by date using the _sort parameter.

Added optional 'subscriberGroup' string parameter to $livebundle-watchlist-add operations that adds the subscriber to a named group. When requesting a livebundle via the $livebundle command, the user can now request the bundle by group instead of a list of tracking ids.

It is now possible to search for disabled users via the JSON Admin API User Management operations.

Added support for _include:recurse to LiveBundle.

Keeper Filter criteria no longer need to be in-memory search criteria. To use this feature you need to call keeperFilter.setDatabaseSearchAllowed(true). Database searches are still not permitted for Rule Filters.

Rule filters are now validated at the time they are registered (when the persistence module loads) to ensure that all rule filters can be evaluated in-memory.

A new JSON Admin API for accessing runtime metircs information has been added. This API can export using either the Dropwizard natice client format or the Prometheus native client format.

Conformance resources (the StructureDefinition, CodeSystem, ValueSet, etc. resources that are defined as a part of the base FHIR specification) are now automatically loaded into FHIR Storage Modules at startup time. This avoids needing to do this as a manual step later.

It is now possible to configure the maximum request/response header buffer size, which is useful if you are working with larger than normal header sizes.

Added new $livebundle-watchlist-subscribers function to retrieve a bundle of subscribers by subscriber group.

Changes made to the base Smile CDR Docker image and Smile CDR startup scripts to allow the base image to be used in both Docker and Kubernetes deployments.

OpenID Connect Client definitions that did not explicitly declare any allowable scopes would be permitted to authorize any and all scopes. For better security, this has been modified to always require scopes be explicitly authorized.

Configuration settings for the Consent Service have been moved from the FHIR Storage module configuration to the FHIR Endpoint module configuration. Any consent scripts will need to be re-configured against the FHIR Endpoint module, as the previous configuration will be abandoned on upgrade. This change allows the user context to successfully propagate to all functions within the script. Previously the consentCanSeeResource method did not always receive this information.

Updated the date picker in Transaction Log and Audit Log view to remember context based on time range label instead of actual dates (with the exception of custom range search).

ON_DEMAND performance tracing was working for the audit log but not system logs. This has been corrected so that it now works for both.

When running with the Audit Log and/or Transaction Log disabled (which is often done for performance reasons when loading large amounts of data), a number of redundant database transactions were opened and closed against the cluster manager database, nagating some of the performance improvements. This has been resolved.

A regression in 2019.05.R01 was fixed where DSTU2 storage modules sometimes failed to start with an error related to GraphQL support being missing.

Java Interceptors registered against a FHIR Endpoint module were required to implement the IServerInterceptor interface that is now deprecated as of HAPI FHIR 4.0.0. This has been corrected.

The FHIRWeb Console now works correctly if an alternate context root has been specified. Previously the module would start, but script errors would appear in the browser.

Kafka was only trying to deliver to an endpoing a finite amount of times. This has been corrected and it now retries until it succeeds.

Infinispan search results provider was throwing a NPE when cache results were missing. This has been resolved.

When editing a user via the Admin Web Console, if any nonstandard launch contexts had been added to the account they were inadvertently cleared. This has been corrected.

The LiveBundle _include processor was incorrectly using fhirpath instead of search parameters. This has been corrected.

1.2.2Smile CDR 2019.08.R01 (Igloo)

 

Release Information

Released 2019-08-14
Codename Igloo
HAPI FHIR Smile CDR 2019.08.R01 is based on HAPI FHIR 4.0.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

Changes

A new feature has been added to the Audit Log Filters to retain the filter choices for when the user returns to the page after navigating away.

A new feature has been added to the Transaction Log Filters to retain the filter choices for when the user returns to the page after navigating away.

It is not possible to pass authorization parameters to the smileutil upload-example-dataset command.

A new feature has been added to the FHIR Storage module that allows a FHIR repository to act as an Enterprise Master Person Index (EMPI). See [/docs/fhir_storage/legacy_empi_mode.html](EMPI Mode) for more information.

The FHIR Gateway module will now make up to 10 attempts to retrieve the target server's CapabilityStatement during startup before aborting.

Outbound HL7 v2.x interfaces may now use MLLP over TLS (secure sockets) as well as HL7 over HTTP using either plain or secure TLS sockets.

The JSON Admin API operation for modifying the password of a user now returns a status object that includes details about the outcome of the operation.

Added SSL support to Kafka. This includes 6 new config parameters for specifying the locations of the trust store, key store, and passwords.

A number of password hashing schemes have been added in order to allow administrators to balance risk and security with speed, as well as to comply with local standards for deployment.

The Smile CLI Tool (smileutil) "hl7v2-transmit-flatfile" command now issues a meaningful error message to the console when multiplexing fails due to an invalid path (i.e. the argument provided for option --multiplex-on-field [path]).

A new feature called the Consent Service has been added to FHIR Storage modules. The Consent Service can be used to apply various consent and access rules to FHIR operations being invoked, including blocking and masking data being returned. See Authorization and Consent for more information.

Support for Two Factor Authentication using the TOTP protocol has been added. See Two Factor Authentication for more information.

A new API has been added to the User Management Endpoint that allows a user to modify their own password.

It is now possible to perform cascading deletes, where deleting one resource also deletes any resources that refer to that resource. See Cascading Deletes for more information.

The transaction log will now capture FHIR response bodies sent out by FHIR Endpoint modules in addition to the FHIR request bodies already captured. This can be disabled (and generally should be on servers that need to process lots of data). See Transaction Logs for more information.

The HL7 v2.x inbound processor now ensures that Patient resources resulting from the following event triggers are treated as conditional creates: A03, A06, A07, A11, A12, and A13.

The default installation of Smile CDR now uses an embedded H2 database instead of the previous DerbyDB. H2 is a similar architecture to Derby (file or memory based, runs inside the Smile CDR process so no extra installation is required) but it is better performing and more stable so it makes a better choice for testing. Derby remains supported as an alternative.

A set of features has been added to help in situations where a FHIR repository will be used to store large and/or many binary objects (i.e. as Attachments within a DocumentReference). These features include an option for using the filesystem for storage instead of putting these in a relational database, as well as a pair of new operations that can be used to read/write binary content directly (with no base64 required). See Binary Data for more information.

In addition to a link rule specifying a link level in EMPI module, we also added an optional ability for the configuration to specify a system/code/display for a tag to be added to any Person resource that has had a link automatically added to it. The setting called "Review Queue".

Added an experimental new feature called LiveBundle that allows users to define named data aggregators and register 'subscribers' against those aggregators. The LiveBundle interceptor will then aggregate matching references for that subscriber that can later be fetched as a bundle. See the LiveBundle documentation for more details.

The smileutil transmit-hl7v2-message command now accepts multiplexing paths that do not include the group name before the segment name. This makes it easier to specify paths that are appropriate for ADT transmission, since many segments are found in different paths within different structures.

The path used on HTTP endpoints for the Endpoint Health Check is now configurable. If an existing monitoring infrastructure requires a response on a path other than /endpoint-health, this can be configured.

The HL7 v2.x inbound processor now accounts for three additional codes when mapping PV1-2 (Patient Class) to Encounter.class. These codes are P, R, and B. Refer to Table 0004: Patient Class.

New documentation plus minor enhancements to support deploying and managing Smile CDR clusters using Kubernetes.

The SMART Inbound Security module will now reduce permissions on a session based on which scopes have been approved or not approved (as the SMART Outbound Security module already did). A new configuration item has also been added to both the SMART Inbound Security and SMART Outbound Security modules to control this behavior.

PostgreSQL 11.4 is now supported.

Smile CDR will now emit a warning when starting up using an embedded database such as the default H2 database. This is just a reminder that H2 and Derby should not be used in production systems.

Support for the FHIR Filter Search Parameter has been added. See this page for details.

Support for GraphQL based searches has been added.

A new feature called Performance Tracing has been added to the FHIR Storage module. This feature allows for greater insight into the generated SQL and performance implications of various queries being performed. This can help to maximize performance when building an application. See Performance Tracing for more information.

The date range pop-up for Transaction Log and Audit Log has been upgraded to include a default date range, to have the pop-up triggered when the user clicks on the calendar icon, and to display the date in more intuitive format.

The default Smile CDR configuration now uses FHIR R4 instead of FHIR STU3. Previous releases of the standard are still supported of course, and no plans exist to discontinue them at this time.

The presentation of the list of nodes and modules in the Web Admin console has been reworked so that it is more friendly to large clusters.

The default value for property subscription.consumers_per_matching_queue has been changed from 2 to 5.

Breaking Change: The response types for the 'Fetch All Module Config' and 'Fetch Single Module Config' operations on the Module Config Endpoint have been modified so that they now match the input models for the corresponding setter operations. We are not aware of any users depending on the previous behaviour so we do not consider this a significant change. Please get in touch if you believe that this assessment is incorrect.

Several columns in the Cluster Manager database have been renamed in order to avoid conflicts with new reserved words in MySQL 8.0.0

The Smile CLI Tool (smileutil) "hl7v2-transmit-flatfile"" command was not multiplexing as expected for some versions HL7 v2.x. This has been corrected.

When running an ETL import script that updates resources by setting resource IDs that do not include the resource type, the script failed with a mysterious HTTP 500 error. This has been corrected.

The following three configuration items could not be set and always used default values, and this has been corrected:

When processing HL7 v2.x messaging and using the onPreConvertHl7V2ToFhir(theMessage, theConversionResult) callback script to convert message structures (e.g. from DFT_P03 to RAS_O17), the original structure was passed along to subsequent stages of translation instead of the converted sturcture. This has been corrected.

When using Derby as the Cluster Manager database platform, initiating a module restart sometimes resulted in a deadlock error and a module restart failure. This has been corrected.

HL7 v2.x ADT_A16 message structures were not being properly identified in the Transaction Log detail view. This has been corrected.

Request validation was not working for R4 resources. This has been corrected. Also as a part of this change, the "Require Explicit Profile Definition Enabled" setting has been removed, as it was redundant.

1.2.3Smile CDR 2019.05.R01 (Hippo)

 

Release Information

Released 2019-05-30
Codename Hippo
HAPI FHIR Smile CDR 2019.05.R01 is based on HAPI FHIR 3.8.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

Upgrade Instructions

Note that several JavaScript callback functions in the ETL Import module have been renamed in Smile CDR 2019.05.R01 in order to provide more descriptive and globally unique names.

The following changes have been made. Note that the previous names will continue to work for now, but implementors should update their scripts as soon as possible.

  • The handle(theInputMap, theContext) function used in the ETL Import module has been renamed to handleEtlImportRow(theInputMap, theContext).

  • The hash(theInputMap, theContext) function used in the ETL Import module has been renamed to hashEtlImportRow(theInputMap, theContext).

  • The handle() function used in the CDA Exchange module has been renamed to generateCdaExchangeComposition().

  • The resourceXXX(...) functions used in the FHIR Storage module have been renamed to fhirResourceXXX(...). For example, the `resourcePreCreate(

Changes

Several new variable subsstitutions have been added to the HTTP Access Log.

Added support for using Kafka in place of ActiveMQ.

Added a new Subscription module type that provides for a node to be dedicated to processing subscriptions. This node doesn't require a Storage module to be present; it uses a FHIR Endpoint to retrieve custom search parameters and subscriptions required by the Subscription module. Currently the Subscription module requires Kafka.

A new command has been added to the Smile CDR CLI called execute-script-function that can be used to execute Javascript functions intended for the Javascript Execution Environment outside of a Smile CDR deployment. This can be useful for development and testing.

A new function, addMessage(thePath, theMessageLevel, theIssue), has been added to the Hl7V2ReceivedMessageConversionResult callback model in the JavaScript Execution Environment.

When processing ADT_A60 messages, the HL7 v2.x inbound processor now populates AllergyIntolerance.type with a value of allergy.

The HL7 v2.x inbound processor now maps IAM-11 (Onset Date) to AllergyIntolerance.onsetDateTime.

The HL7 v2.x inbound processor now maps IAM-2 (Allergen Type Code) to AllergyIntolerance.category.

The HL7 v2.x inbound processor now maps RXC-3 (Component Amount) and RXC-4 (Component Units) to an extension on the Medication resource. We store these values in an extension to mirror Medication.amount in FHIR R4.

The HL7 v2.x inbound processor now maps RXE-23 (Give Rate Amount) and RXE-24 (Give Rate Units) to MedicationRequest.dosagaInstruction.rate[x]. They will be mapped to one of rateQuantity, rateRange, or rateRatio as appropriate.

The HL7 v2.x Listening Endpoint module can now be configured with an OBSERVATION group text delimiter for NTE segments in ORU_R01 messages. This delimiter will be used as a separator between multiple repetitions of NTE-3 (Note Text), as well as NTE-3 from multiple contiguous NTE segments following a given OBX segment. By default, \.br\ is used to indicate a newline.

The HL7 v2.x Listening Endpoint module can now be configured with an OBSERVATION group text delimiter for OBX segments in ORU_R01 messages. Where OBX-2 (Observation Value Type) is one of ST, TX, or FT, this delimiter will be used as a separator between multiple repetitions of OBX-5 (Value). By default, \.br\ is used to indicate a newline.

The HL7 v2.x inbound processor now maps OBX-15 (Producer's ID), OBX-23 (Performing Organization Name), and OBX-24 (Performing Organization Address) to Organization.identifier, Organization.name, and Organization.address respectively. The resulting Organization is referenced in Observation.performer.

The HL7 v2.x Listening Endpoint module can now be configured with an ORDER_OBSERVATION group text delimiter for NTE segments in ORU_R01 messages. This delimiter will be used as a separator between multiple repetitions of NTE-3 (Note Text), as well as NTE-3 from multiple contiguous NTE segments following a given OBR segment. By default, \.br\ is used to indicate a newline.

By default, the HL7 v2.x inbound processor now sets Procedure.status to completed.

The HL7 v2.x inbound processor now maps multiple NTE segments for a given OBSERVATION group to Observation.comment. Previously, only the first such NTE segment was mapped.

The HL7 v2.x inbound processor now maps RXC-1 (RX Component Type) to Medication.ingredient.isActive.

The HL7 v2.x inbound processor now maps RXC-2.9 (Original Text) to Medication.code.text.

By default, the HL7 v2.x inbound processor will create/update contained Medication resources derived from RXE, RXC, and RXA segments in RDE and RAS messaging. A new configuration item has been added such that Medication resources derived from RXA segments will be standalone resources. This should only be enabled if RXA-5 (Administered Code) uniquely identifies a given medication and all of its meaningful fields.

By default, the HL7 v2.x inbound processor will create/update contained Medication resources derived from RXE, RXC, and RXA segments in RDE and RAS messaging. A new configuration item has been added such that Medication resources derived from RXC segments will be standalone resources. This should only be enabled if RXC-2 (Component Code) uniquely identifies a given medication and all of its meaningful fields.

By default, the HL7 v2.x inbound processor will create/update contained Medication resources derived from RXE, RXC, and RXA segments in RDE and RAS messaging. A new configuration item has been added such that Medication resources derived from RXE segments will be standalone resources. This should only be enabled if RXE-2 (Give Code) uniquely identifies a given medication and all of its meaningful fields.

The HL7 v2.x inbound processor now maps unknown values of OBR-24 (Diagnostic Service Section ID) to DiagnosticReport.category.text.

The HL7 v2.x inbound processor now maps XAD-7 (Address Type) with a value of B such that Address.use will be work and Address.type will be postal.

User supplied Java code (e.g. Hybrid Providers, custom interceptors, etc.) can now access detais about the OAuth2 authentication including claims contained in the token and the identity of the client.

A new option has been added to the Smile CDR cli for uploading a directory of json files to a FHIR endpoint.

Metrics about subscription matching and delivery are now captured and stored in the database. A future enhancement will present graphs of these in the admin console.

Clients can now use an Endpoint to change their secret using their existing secret.

A new permission has been added (FHIR_META_OPERATIONS_SUPERUSER) that allows users to perform FHIR $meta operations (both read and write) on any resource.

Added three new configuration parameters to Kafka, subscription.kafka.consumers_per_topic, subscription.kafka.auto_commit and subscription.kafka.ack_mode.

Change subscription processing from a shared thread pool to a dedicated thread pool per subscription. Both the the number of matching consumer threads and delivery threads per subscription are now configurable.

It is now possible to use a JavaScript script to modify the generated HL7 v2.x message being transmitted on an HL7 v2.x Sending Endpoint module.

Two configuration properties have been added to the FHIR Gateway module that control the client timeouts when communicating with the gateway target server. In addition, when a socket timeout occurs the gateway now responds with a more informative error message.

The Web Admin Console transaction log viewer now has buttons to show/hide the payload bodies, as well as a button to pretty-print the contents.

SMART on FHIR support in Smile CDR now includes support for resource speficic patient scopes, such as Patient/CarePlan.read or patent/Condition.write.

A new API for adding custom Z-segments to HL7 v2.x messages has been added to the JavaScript execution environment.

Subscription matching and delivery has moved to a new "Subscription Matcher" module. Servers that use subscriptions will need to add a subscription module for each storage module and link the subscription module to its corresponding storage module. The storage module is responsible for activating the subscription and adding all resources to a queue/topic and then the subscription module picks up the resources from this queue/topic matches against all active subscriptions and delivers matches to their endpoints.

A new option has been added to REST HOOK Subscription processing that allows specific base URLs to be stripped from reference URLs in resources being delivered.

A new API has been added to HAPI FHIR that allows thrown exception messages to be marked as trusted. When a message is marked as trusted, it will be exposed to the client even when Suppress Error Details mode is enabled. This can be used from Hybrid Providers code. In addition, a new JavaScript API has been added that exposes this functionality from JavaScript.

Added client details to transaction log entries

Added description "Showing x to x of x" to table pagers

Open ID Connect clients can now be disabled.

The Hl7V2ReceivedMessageConversionResult callback model now includes a property called doNotProcess. This is a flag to indicate whether or not a given message should be processed.

When processing HL7 v2.x messaging using the JavaScript Execution Environment, the getRepetitionCount() method can now be used at the group level. This is in addition to the segment and field levels.

A hasChild(name) method has been implemented in the JavaScript Execution Environment to improve HL7 v2.x processing. This method works at the message and group levels, and it can be used to interrogate the structure of a given message or group.

The JavaScript function onPreConvertHl7V2ToFhir() now has an additional parameter of type Hl7V2ReceivedMessageConversionResult. This is the same conversion result that is passed into function onPostConvertHl7V2ToFhir().

Subscription Module Runtime Status now displays subscription metrics for each subscription.

It is now possible to selectively prevent specific event types from being logged in the transaction log, in order to prevent the log from being overwhelmed with useless messages in some configurations. See Transaction Log for more information.

Function isEmpty() has been implemented at the segment, group, and field levels for HL7 v2.x entities within the JavaScript Execution Environment.

The HL7 v2.x inbound processor now maps RXA-8 (Administered Dosage Form) to Medication.form.

The inbound HL7 v2.x transaction processor now maps non-standard ZXC segments to FHIR. One or more of these optional segments can be included in the ADMINISTRATION group of an RAS_O17 message. ZXC segments use the RXC structure. A given ZXC segment is a component for its associated RXA segment just as a given RXC segment is a component for its associated RXE segment. These components are mapped to Medication resources in Smile CDR.

When processing HL7 v2.x messages with ZXT segments, ZXT segments where ZXT-2 has a value of NM can now be used to populate an arbitrary path in FHIR with integers or decimals.

A new setting has been added to DB connection pool settings that allows a maximum lifetime age for connections to be specified.

Added HL7v2 Outbound support for ADT_A31.

Addded new websocket subscription module to cdr. This module requires a subscription module to know which websocket subscriptions are active. It supplies its URL to the FHIR Endpoint module so that the websocket URL can be provided as a part of the server's capability statement.

When a subscription is deleted, now the queue (or kafka topic) for that subscription delivery will be removed.

Function encode() has been implemented at the message, segment, and field levels for HL7 v2.x entities within the JavaScript Execution Environment.

Added three new config parameters to FHIR Persistence module. reindex threads, expunge threads, expunge batch size.

A clear() method has been implemented in the JavaScript Execution Environment to improve HL7 v2.x processing. This method works at the segment, field, component, and sub-component levels, and it can be used to clear the contents of a message.

A new setting on HTTP servers has been added for specifying the size of the request queue to use when no threads are available for processing. In addition, a new graph has been added to the runtime monitors in the Web Admin console that shows threadpool usage in terms of idle and busy threads.

A new (Hl7V2)[/docs/javascript_execution_environment/hl7v2.html#the-hl7v2-object] object has been added to the JavaScript Execution Environment. This object provides utility methods that are useful when working with HL7 v2.x messaging; including function newMessage(messageCode, messageTriggerEvent, processingId) for creating a new message structure, and several methods that return a new object of a given HL7 v2.x datatype.

A new setData(object) method has been implemented in the JavaScript Execution Environment to improve HL7 v2.x processing. This method works at the field, component, and sub-component levels where such an element allows for variable HL7 v2.x datatypes. For example, OBX-5 (Observation Value) can be populated with a variety of datatypes, as identified by the value in OBX-2 (Value Type). This method has one parameter, which is a JavaScript object of an HL7 v2.x datatype.

The HL7 v2.x inbound processor now populates Observation.specimen where a given ORDER_OBSERVATION group includes a single SPECIMEN group. Where multiple SPECIMEN groups exist, a warning is issued to the Transaction Log.

A new setting has been added to the FHIR Storage module database configuration that can be used to control the use of bind variables in SQL parameters that are purely numeric. This is useful in some optimization scenarios with certain database platforms.

The HL7 v2.x inbound processor now maps XAD.7 (Address Type) values of M to Address.type of postal.

The HL7 v2.x inbound processor now populates Specimen.subject.

When mapping RAS_O17 messages to FHIR, the HL7 v2.x inbound processor now maps ORC-7.4 (Start Date/Time) to MedicationRequest.dosageInstruction.timing.event.

When mapping ORU_R01 messages to FHIR, the Hl7 v2.x inbound processor populates Observation.performer with a reference to an Organization derived from OBX-15 (Producer's ID), OBX-23 (Performing Organization Name), and OBX-24 (Performing Organization Address). Such an Organization will now have Organization.type populated with a value of prov.

The following changes were applied to both the User Manager interface of the Web Admin Console and the user-management endpoint of the JSON Admin API:

  • added error message at top for validation errors
  • changed username to required field
  • changed email to require email format
  • added * to indicate required fields for username and password (only add screen for password)
  • changed password field to not show placeholder for add screen
  • changed so user fields retain context after error save

Always allow anonymous access to Swagger UI and v2 resources.

Previously, the HL7 v2.x inbound processor created/updated standalone Medication resources derived from RXE, RXC, and RXA segments in RDE and RAS messaging. This assumed that RXE-2 (Give Code), RXC-2 (Component Code), and RXA-5 (Administered Code) would each uniquely identify a given medication and all of its meaningful fields. By default, the HL7 v2.x inbound processor will now create/update contained Medication resources.

When processing RDE_O11 messages, the HL7 v2.x inbound processor will now map the component identified in RXC-2 (Component Code) to a Medication referenced by the parent Medication in Medication.ingredient.itemReference if both a code and code system are provided. This only occurs when a given pharmacy order includes multiple RXC segments. Where only one RXC segment is provided, the component will be mapped to Medication.ingredient.itemCodeableConcept of the parent Medication. Regardless of the number of RXC segments, if only a textual display is provided in RXC-2.2 then the component will be mapped to Medication.ingredient.itemCodeableConcept.text.

FHIR Storage modules now come with Lucene disabled by default. Lucene is useful to support fulltext searches and some terminology operations, but also requires capacity planning. It is often not required for real-world implementations so this change should help simplify deployment.

The JavaScript functions onMessagePreConvert() and onMessagePostConvert() that were used in HL7 v2.x Listening endpoints to manipulate received messages and affect the resulting transformation to FHIR have been renamed to onPreConvertHl7V2ToFhir() and onPostConvertHl7V2ToFhir() respectively in order to have more meaningful names. Any existing functions need to be renamed.

Disabled users will no longer show up in the user manager within the Web Admin Console unless they are explicitly searched for.

Changed support for HL7 v2.x Outbound ORM^O01 (General Order Message) to OMG_O19 (General Clinical Order Message).

The default value for the following configuration items has been changed from \\.br\\ to \\n:

The HL7 v2.x inbound processor no longer adds a urn:cedar:extension:stringFormat extension to Observation.comment.

An issue was fixed where refresh tokens issued by the SMART Outbound Security module would not always remain usable after an upgrade to Smile CDR.

When starting Smile CDR with an unsuported version of Java, an error message was logged in the logs, but nothing was reported on the console. This has been fixed.

When mapping OBX segments from ADT messages to Observation resources, the HL7 v2.x inbound processor was not populating Observation.context with a reference to an Encounter. This has been corrected.

Nulls are stripped from the end of performance graphs so they no longer drop to zero at the end of the graph.

Fixed permissioning such that ROLE_FHIR_CLIENT_SUPERUSER will be granted FHIR_ALL_READ and FHIR_ALL_WRITE when user has patient read/write scope.

Fixed security troubleshooting log to log the client id instead when user = null or unknown.

Fixed bug for SMART Inbound Security Authentication Callback Scripts where it was returning a 500 response when a newFailure() was invoked. It will now return a 401 InvalidClientException instead of 500 UsernameNotFoundException or 500 BadCredentialsException.

smileutil (CLI) was slow to start on some versions of RHEL/CentOS due to a slow random number generator being used. This has been corrected.

The FHIR_PROCESS_MESSAGE permission granted users the ability to invoke the $process-message operation at the type level (on the MessageHeader resource) but not at the server level. The FHIR specification allows for this operation to be called at both levels.

When "Enable Resource Counts" was disabled on FHIR endpoints, the resource count query could still fire in the background, wasting database cycles. This has been corrected.

The system was unable to delete expired Refresh tokens if they had an associated access token that was not expired. This has been corrected.

When processing an ORU^R01 message with no valid identifier in the OBR segment, the message was silently ignored with no error message displayed in the transaction log. This has been corrected.

CDA documents generated with the CDA exchange module had invalid namespace declarations on some tags. This has been corrected.

An issue was fixed where the Search Parameter statistics collector would sync stats to the database extremely frequently on large clusters.

The hamburger menu (for navigation on mobile devices) in the Web Admin Console was broken in Smile CDR 2019.02.R01. This has been fixed.

The HL7 v2.x inbound processor was incorrectly expecting location information within invalid extra sub-components of PV1-3 (Assigned Patient Location) and PV1-6 (Prior Patient Location). This has been corrected, and the segment definition of PV1 (Visit/Encounter) has been updated accordingly.

Method Converter.hl7v2TsToFhirDate(dt) now issues an appropriate exception for invalid input.

When using the Smile CDR CLI hl7v2-transmit-flatfile command in multithreaded mode, sometimes a failure could be obscured by log lines after the failure. This has been corrected so that the command always finishes with details about any failures.

Hide user and client cards when they don't exist for transaction log event.

The HL7 v2.x inbound processor was incorrectly mapping RXA-13 (Administered Strength) and RXA-14 (Administered Strength Units) to MedicationAdministration.dosage.rate. This has been corrected. Now RXA-12 (Administered Per (Time Unit)) is mapped to MedicationAdministration.dosage.rateRatio.denominator.unit. A value of 1 is mapped to MedicationAdministration.dosage.rateRatio.denominator.value. The numerator is populated using the values of RXA-6 (Administered Amount) and RXA-7 (Administered Units).

The HL7 v2.x inbound processor was incorrectly mapping RXA-9 (Administration Notes) to MedicationAdministration.note.text twice. This has been corrected.

Fixed a bug where Smile CDR wouldn't start due to a configuration error on a module.

When processing a FHIR Resource for an outbound HL7 v2.x Subscription, the conversion failed with an incomprehensible error if a dateTime in the resource had a time but no timezone offset. This has been corrected.

When starting Smile CDR with a brand new R4 repository, under some circumstances the server could fail to start with a cryptic error. This has been resolved.

When mapping ORU_R01 messages, the HL7 v2.x inbound processor was incorrectly mapping ORC-9 (Date/Time of Transaction) to ProcedureRequest.authoredOn and ORC-15 (Order Effective Date/Time) to ProcedureRequest.occurrenceDateTime. This has been corrected such that the ORC-7.4 (Start Date/Time) is now mapped to ProcedureRequest.occurrenceDateTime. The relevant documentation has been updated accordingly.

For some message types, the HL7 v2.x inbound processor resulted in a transaction bundle with duplicate entries for the same Practitioner. This has been corrected.

When mapping RAS_O17 messages to FHIR, the HL7 v2.x inbound processor no longer maps ORC-9 (Date/Time of Transaction) to MedicationRequest.authoredOn.

When mapping ORU_R01 messages to FHIR, the Hl7 v2.x inbound processor populates Observation.performer with a reference to an Organization derived from OBX-15 (Producer's ID), OBX-23 (Performing Organization Name), and OBX-24 (Performing Organization Address). The OBX segment definition incorrectly indicated that OBX-23.6 and OBX-23.10 would be used to populated Organization.identifier for such an Organization. In fact, OBX-15.1 and OBX-15.2 are used to populate the identifier, and the documentation now reflects this.

The ORC segment definition incorrectly identified ORC-2 (Placer Order Number) as a required field. It is in fact only conditionally required. The field must be populated in an RDE_O11 message; however, it may be omitted in an ORU_R01 message, in which case processing via the HL7 v2.x inbound processing will not result in a ProcedureRequest.

1.2.4Smile CDR 2019.02.R01 (Gale)

 

Release Information

Released 2019-02-06
Codename Gale
HAPI FHIR Smile CDR 2019.02.R01 is based on HAPI FHIR 3.7.0, and includes all changes and fixes included in this version. Please see the HAPI FHIR ChangeLog for details about what has changed.

Changes

Smile CDR can now be run (and is recommended to be run) on JDK 11.0.1. JDK 1.8.0_121+ remains supported however all customers are recommeneded to upgrade to OpenJDK 11 or Oracle JDK 11 if possible.

User details have been added to both the summary and detailed Transaction Log views in the Web Admin Console.

Module type has been added to Module-config endpoints for JSON Admin API.

When processing HL7 v2.x messages with ZXT segments, ZXT segments where ZXT-2 has a value of CE can now be used to populate an arbitrary path in FHIR where one of a fixed set of codes with required binding is expected.

The HL7 v2.x inbound processor now maps OBX-23 (Performing Organization Name) to Observation.performer. If both OBX-23.6 and OBX-23.10 are populated, they will constitute Organization.identifier.system and Organization.identifier.value respectively for the Organization to be referenced in Observation.performer.

In addition to mapping ORC-9 (Date/Time of Transaction) to MedicationRequest.authoredOn, the HL7 v2.x inbound transaction processor now maps ORC-9 to ProcedureRequest.authoredOn.

It is now possible to define multiple users in an inbound security module to be used as designated anonymous users, and to specify which designated user should be used as the anonymous user for each individual endpoint. This means that different endpoints within a single Smile CDR installation may share the same inbound security module, but have different permissions associated with anonymous requests.

The smileutil "synchronize-fhir-servers" command now has a new mode called SYNTHEA that can be used to upload a set of synthea files to a server. See Synthea Mode documentation for more information.

A new property called "secret required" has been added to OAuth2/SMART client definitions. This property allows clients to be defined as not requiring direct client authentication, meaning that clients may optionally be allowed to perform the authorization code flow, refresh flow, etc., without requiring client authentication.

OpenID Connect client definitions have a new property called "Auto-Grant Scopes". Any scopes listed in this field will be automatically granted to clients any time they authorize, without requiring any approval.

OpenID Connect client definitions may now been granted Smile CDR permissions, meaning that it is now possible for clients to authenticate directly using the Client Credentials Grant, and then use the granted Access Token to access FHIR services.

A new operation has been added to the JSON Admin API module OpenID Connect Client endpoint. This operation allows an existing client definition to be retrieved by a user with appropriate permission.

It is now possible to change the Client ID of an OAuth2 Client Definition using the JSON Admin API. Previously this was only possible using the Web Admin Console.

OAuth2 client secrets are now stored in the database as salted and hashed values (using 12-round BCrypt as the current default algorithm), instead of being stored as plaintext values. In addition, the client definition editor in the Web Admin console has been improved so that multiple client secrets may be added at once if needed.

When using the FHIR Gateway module, if a client invokes an operation and includes an Accept header requesting a non-FHIR response, this Accept header will be relayed to the target server.

A new configuration item has been added to the FHIR endpoint module that allows clients to request that Media resources be served as raw content instead of FHIR encoded XML/JSON content. See Serving Raw Media Resources for more information.

When converting FHIR Patient resources to HL7 v2.x PID segments for an outbound interface, if a US Core Race or Ethnicity extension is present but it has only a category, the extension URL will not be placed in the HL7 v2.x CE value in order to reduce clutter.

A new search meta-parameter called _total has been added. This parameter can be used to force a count to be calculated, even for large searches. See Forcing A Total and Data for more information.

Several features were added to the JavaScript Execution Environment FHIR REST API. These include the following things:

  • The FHIR create operation is now supported in the Fhir object
  • The FHIR update operation is now supported in the Fhir object

It is now possible to add JavaScript callback functions that are executed as a part of processing incoming HL7 v2.x messages using the HL7 v2.x Receiving Endpoint module.

HTTP endpoints being secured with HTTPS (TLS) in Smile CDR may now use PKCS#12 files instead of JKS (Java Keystore) files as the keystore and truststore if desired.

Methods for URL Encoding and Decoding have been added to the Converter API in the Javascript Execution Environment.

Search results accessed via searches performed within a FHIR transaction are now audited as individual resource accesses. This means that all accessed resources within a transaction response are now audited as having been viewed.

New settings have been added to the FHIR modules for setting default Prefer header behavor, and default _total parameter behavior.

TLS servers can now optionally be configured with a whitelist and/or blacklist for supported ciphers and protocols.

A new configuration option has been added to the FHIR Storage modules that prevents any scheduled maintenance jobs from firing. This is useful for setups where multiple master storage modules are pointed at the same underlying database.

A new configuration option has been added to RDBMS connection settings, allowing the user to specify whether Smile CDR should automatically update the database schema on startup.

When parsing a JWKS / JWK (JSON Web Key) file, the parser is now more lenient about quoting and JSON format in order to be more compatible with the export format of RedHat SSO.

A new permission has been added to the Smile CDR permission system that authorizes users to perform the $meta, $meta-add, and $meta-delete FHIR operations.

When a Smile CDR HTTP Server is in Suppress Error Messages mode, stack traces generated by failures (such as callback scripts) are now suppressed.

The layout and UI style of the Smile CDR documentation in the Web Admin Console has been improved to match the layout used on https://smilecdr.com/docs/

The Cross-Organization Data Access Profile authentication script function name has been renamed from authorize(...) to authenticate(...) in order to be consistent with other functions in the ecosystem.

When mapping HL7 v2.x DG1 segments, an empty contained Practitioner resource was created as the Condition asserter even when no data was present in the DG1 segment. This has been corrected.

If Observation Identification Mode was set to USE_PARENT_IDENTIFIER_AND_OBX_CODE while both OBR-2 (Placer Order Number) and OBR-3 (Filler Order Number) were configured to be used to create identifiers for a given DiagnosticReport, only the first repetition of DiagnosticReport.identifier (Placer Order Number) was used to construct the related Observation.identifier system and value. This has been corrected such that Observation.identifier.system will be a dash-delimited concatenation of all repetitions of DiagnosticReport.identifier.system, and Observation.identifier.value will be a dash-delimited concatenation of all repetitions of DiagnosticReport.identifier.value, followed by a dash (-), followed by the observation code value found in OBX-3.1 (Observation Identifier Code).

The smileutil CLI tool "synchronize-fhir-servers" command had a bug where it failed with an error if the source server used https. This has been corrected. In addition, it is now possible to specify source and/or target directories as relative paths, e.g. --source some/directory.

The SMART Outbound Security module UserInfo endpoint did not support CORS even when CORS was enabled. This has been corrected.

When viewing the connection pool history graph in the Web Admin Console, the history for the Cluster Manager connection pool was shown in all cases, even when a different module was selected. This has been corrected.

It is now possible to perform search/read operations from within a transaction. Previously this was blocked by the security layer even the user had appropriate permissions.

It was not previously possible to clear a module dependency from a module configuration. This has been corrected.

A bug that prevented revoking refresh tokens that were linked to an active (non-expired) access token from being deleted has been fixed.

A bug in the SMART Inbound Security module definition prevented instances of this module type from being created if they did not have a configured link to a SMART Outbound Security module. This has been corrected.

Some RDBMS queries used inline parameters instead of using bind variables, which prevented statement caches in some platforms (e.g. Oracle) from effectively caching statement execution plans. This has been corrected.

The HTTP Prefer header was not included in the standard CORS Allowed Headers response. This has been added, since Prefer is often used in FHIR interactions.

When an altenate context root was selected (e.g. /baseDstu3) it was not possible to submit a FHIR transaction against the root without appending a trailing slash. This has been corrected.

A regression was fixed when performing a SMART/OAuth2 authorization flow: When a user denied some scopes, these choices were not always respected in the resulting generated token.