Summit Sidebars

Don Hewitt's picture

In addition to the official Summit proceedings, there were several noteworthy side discussions / activities on VistA. 

1)  The Joint Legacy Viewer was found to contain code injection into VistA.  This is pretty well recognized as a “bad practice” from a security perspective.  OSEHRA notified VA, and the code has been removed.

 2)  Improvements to the XINDEX utility that were developed under OSEHRA’s VA contract are going to be picked up directly by VA technical staff, and we understand that they should soon be part of VA XINDEX.  This should improve functionality and allow the VA to keep up with the community version.

 3)  A bug in the $$GETURL^XTHC10 API was discussed during the Summit, and OSEHRA’s Sam Habiel came up with a fix.  VA will implement and test this fix, and it will come out in the next Toolkit patch along with the upgraded XINDEX.

4)  Finally, community observers noted a piece of licensed commercial data (part of RxNorm) in the FOIA release.  This creates a liability not only for VA, but for anyone using the FOIA code base.  VA was notified immediately, and the data will be redacted from the next monthly FOIA VistA release.

Many thanks to all the community members (including our VA staff community members) who continue to work together to improve VistA for everyone!

Don Hewitt
VP, Business Operations