We're resolving this issue in two ways:
1. Add some text to the userLogout event definition page stating that implementers are recommended to consider if and when their application should log out the user upon receiving a userLogout FHIRcast event, and if so, how to preserve application state.
2. Add the below to the sync considerations page:
<h2> Synchronization considerations for userLogout, hibernate </h2>
Most synchronization failure considerations revolve around the possibility of introducing incorrect information into the clinical decision-making process. In addition to these considerations, failures to synchronize userLogout and userHibernate events must also take into account the risk of unsecured, unattended health applications, which can lead to data breach and user impersonation.
Distinct scenarios:
1. User logs out of application A, then takes action in application B.
Negligible risk. User does not expect synchronization.
2. User hibernates application A, then takes action in application B.
Negligible risk. User does not expect synchronization.
3. Application A automatically hibernates without user action, user takes action in application B.
Application A should consider reacting to events when hibernated, perhaps with a syncerror.
4. User logs out of application A, walks away from workstation, application B remains open and unsecured.
Per typical application guidelines, the application should automatically secure itself following a period of non-use. Following an automatic secure, the user remains logged into application B. Negligible risk.
5. User hibernates application A, walks away from workstation, application B remains open and unsecured.
Per typical application guidelines, the application should automatically secure itself following a period of non-use.
Negligible risk.
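Scenario 3 and the automatic-secure rule in scenarios 4 and 5, sketched as an added example (not part of the proposed specification text or of any FHIRcast implementation). The `Subscriber` class, its method names, the 600-second limit and the syncerror payload layout are assumptions; check the payload against the FHIRcast version in use.

```python
import time
import uuid
from datetime import datetime, timezone

IDLE_LIMIT_SECONDS = 600  # assumed inactivity limit, set per local policy


class Subscriber:
    """Hypothetical application A: tracks how it became secured."""

    def __init__(self, topic, clock=time.monotonic):
        self.topic, self.clock = topic, clock
        self.state = "active"         # active | hibernated | logged_out
        self.auto_secured = False     # True only if the app secured itself
        self.last_activity = clock()
        self.context = None

    def user_action(self):            # local input (re-authentication omitted)
        self.state, self.auto_secured = "active", False
        self.last_activity = self.clock()

    def user_secures(self, state):    # user chose "hibernated" or "logged_out"
        self.state, self.auto_secured = state, False

    def tick(self):                   # scenarios 4 and 5: secure after non-use
        idle = self.clock() - self.last_activity
        if self.state == "active" and idle >= IDLE_LIMIT_SECONDS:
            self.state, self.auto_secured = "hibernated", True

    def on_event(self, event_id, hub_event, context):
        """Return None if applied or ignored, else a syncerror for the hub."""
        self.tick()
        if self.state == "active":
            self.context = context
            return None
        if not self.auto_secured:
            return None               # scenarios 1 and 2: no sync expected
        outcome = {                   # scenario 3: report the missed event
            "resourceType": "OperationOutcome",
            "issue": [{"severity": "warning", "code": "processing",
                       "diagnostics": f"{hub_event} {event_id} not applied: "
                                      "application hibernated automatically"}],
        }
        return {
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "id": str(uuid.uuid4()),
            "event": {"hub.topic": self.topic, "hub.event": "syncerror",
                      "context": [{"key": "operationoutcome",
                                   "resource": outcome}]},
        }
```

The `auto_secured` flag is what separates scenario 3 from scenarios 1 and 2: only a lock the user did not request produces a syncerror.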