Our team has reviewed our exposure and our installations of Cardio Server are NOT directly susceptible to this vulnerability. The OpenSSL library is not a part of Microsoft's IIS server on which Cardio Server runs. Therefore, Cardio Server is not directly threatened by the vulnerability.
However, there may be vulnerable machines in the path leading to Cardio Server. Epiphany is available to work with you to ensure that your PHI is protected and help solve any other issues outside of Cardio Server that may impact our system.