Some track level items allow cross-organizational access where this is not appropriate.
This is solved in 1.9.1 and is only an issue for multi-org sites. In general the access reveals little beyond the participation of the patient in another organization.
It may be appropriate to back-port the fix to previous versions, though some testing that the fix does not break other code is needed in advance,
Some track level items allow cross-organizational access where this is not appropriate.
This is solved in 1.9.1 and is only an issue for multi-org sites. In general the access reveals little beyond the participation of the patient in another organization.
It may be appropriate to back-port the fix to previous versions, though some testing that the fix does not break other code is needed in advance,