UNOS is currently investigating a configuration error that may have permitted access by authorized users to some patients’ personal and health information stored within two UNOS IT environments. The exposure was limited to two environments used for developing, staging and testing new tools, and did not affect the match or allocation of organs to patients.
Both environments were only accessible to authorized users in the organ transplant community. We have no indication that any users have violated our privacy policies regarding the sharing of confidential data, and we have no reason to believe that any patient data was misused. This was not a compromise of system security by any unauthorized third party.
Upon discovery of the configuration error, we immediately initiated a comprehensive response in accordance with our established IT procedures. This included taking the testing environments offline. We also have engaged third-party data forensics and security experts to assist us in fully understanding the scope of the incident.
Although our investigation is still underway, we have determined that the unredacted information that was visible in two testing environments included some private data such as Social Security numbers, dates of birth and medical procedure information. However, the data did not contain other key identifiers, such as names and addresses.
We notified the Health Resources and Services Administration (HRSA) of the event on November 10, the same day UNOS discovered the configuration error. On December 14, we provided HRSA with a preliminary update on the number of potentially impacted patient records. The maximum potential number of impacted records is approximately 1.5 million. In order to determine whether there was an actual impact to any of these individuals, we must conduct additional analysis. We are working to complete the impact analysis as quickly as possible.
We are treating this matter with the highest priority and will provide an update when more information is available.