ATIPXpress Release Notes 11.13.1.0.pdf

Product Enhancements

1.1 Enhancing / Extending APIs

Extended APIs, GetRequestById and GetRequests, are now available to system integrator users, enabling deeper data access for external integrations and workflow automation. We have added the following attributes for both APIs:

- - createdDate
  - originalTargetDate
  - subRequests
  - requestDescription
  - requestAgeWithHoldDays
  - multiTrackType
  - requestDescription
  - exemptionCodes
  - ProcessedDays
  - StaffProcessingCosts

Additionally, lastModifiedDate (or lastUpdatedDate) has been added only for GetRequestById.

1.2 PAL French Translations

We have facilitated the French translation of items in PAL. With this enhancement, multiple issues and inconsistencies in Canadian French language support across PAL were resolved. This enhancement enables users to view system content in French, improving accessibility and aligning with bilingual language.

Simply click the Francais button at the top right to view PAL in French. The button will change to English. To revert to English, click it.

Product Enhancements

1.3 FIPPA Statistical Report Enhancements

The following enhancements were made:

- - The FIPPA requester categories have been updated to match the Statistical Report and will be counted correctly.
  - In section 8, the default redaction codes and redaction code groups have been updated to align with the requirements of the report.
  - The default FIPPA fee structure has been updated, with fee groups that align with the requirements of section 10 of the report.
  - When a request's due date is adjusted due to the holiday or weekend, the number of days of holidays and/or weekend will not be counted while calculating the number of processed days.
  - A new default disposition, Request is non-jurisdictional (Transfer) has been introduced for requests that must be transferred to another Action Office/Program Office. These requests will not be accounted for in sections 5 and 6.
  - The accuracy of the count of carried forward requests in section 11.3 has been improved. Additionally, the dispositions found in sections of version 11.5 through 11.8 can now be selected and will be counted accurately.

Bug Fixes

We’ve addressed the following bugs in this version of ATIPXpress:

ID	Description
1291307	Resolved an issue that caused the first note added to a payment to be overwritten by default text.
1277853	Fixed a bug restricting Proof of Identify (POI) and Consent attachment documents to be updated in PAL.
1275373	Addressed an issue preventing the management of Expedite Information header in PAL Configuration.
1292559	Resolved an error causing the EDR Report, Document History Report, Document Status Report, and Document Review Log to not load.
1292865	Addressed an issue restricting password reset using a second email address.
1288571	Fixed an error causing the Chief FOIA Officer Report to not load.

Security Updates

We’ve made the following security updates in this version of ATIPXpress:

ID	Description
1278599	All binaries (DLLs, EXEs, and installer scripts) are now digitally signed using an updated code-signing certificate issued to Casepoint LLC. This change ensures continued compliance with security best practices and may result in a different publisher name appearing in file properties or installation prompts. There are no functional changes to the application as a result of this update. Previous Publisher Name: AINS, LLC New Publisher Name: Casepoint, LLC Impacted Artifacts: Application DLLs, EXEs, installer script files Reason for Change: Security best practices and alignment with Casepoint signing infrastructure Note: If your IT policies or tools verify digital signatures or publisher names, you may need to update your allow lists or validation rules accordingly.
1294479 1298392 1298396	Introduced output encoding (e.g., HTML entity encoding), input validation, and Content Security Policy (CSP) headers.
1295860 1299788 1290220	Enforced MFA, applied rate-limiting, secured session tokens, and adopted robust password policies.

Description

1278599

All binaries (DLLs, EXEs, and installer scripts) are now digitally signed using an updated code-signing certificate issued to Casepoint LLC.

This change ensures continued compliance with security best practices and may result in a different publisher name appearing in file properties or installation prompts.

There are no functional changes to the application as a result of this update.

Previous Publisher Name: AINS, LLC
New Publisher Name: Casepoint, LLC
Impacted Artifacts: Application DLLs, EXEs, installer script files
Reason for Change: Security best practices and alignment with Casepoint signing infrastructure

Note: If your IT policies or tools verify digital signatures or publisher names, you may need to update your allow lists or validation rules accordingly.

1294479

1298392

1298396

Introduced output encoding (e.g., HTML entity encoding), input validation, and Content Security Policy (CSP) headers.

1295860

1299788

1290220

Enforced MFA, applied rate-limiting, secured session tokens, and adopted robust password policies.

ID	Description
1298397 1298821 1288852 1290224	Sanitized all user inputs rendered into HTML, used templating engines with auto-escaping, and limited rendering of untrustworthy content.
1290223	This change addresses a known security issue by updating vulnerable JavaScript dependencies.
1278818 1278825	Implemented comprehensive safeguards to prevent SQL injection across the entire PAL module and the entire PAL Configuration and Collaboration module.
1290203	Implemented internal logic enhancements to fix security vulnerabilities in the Request page of PAL.