On January 13, 2026, Epic Systems (University of Pittsburgh Medical Center’s electronic medical records vendor) notified UPMC that a health information network named “Health Gorilla”, and certain participants of this network, improperly accessed medical records available through the national network used to exchange medical information.
The purpose of the national network is to allow health providers to exchange information for the treatment of their patients. UPMC is required to participate in this national network and is required to comply with applicable federal laws as a condition of participation. Certain participants of this network electronically requested information under the pretext of providing treatment to shared UPMC patients and allege they had permission to do so.
In addition to this notice, UPMC provided written notice to individuals who may be affected by this incident. The information involved included a list of UPMC encounters. This may include affected individuals’ demographic information, such as name and date of birth, and information such as clinical notes, reason for visit, diagnoses, medical history and any related orders or testing. No Social Security Numbers were involved in this incident.
Laser Scanning: Reducing Risk in Construction Projects
MOBs Get Smarter and More Complex as Space Pressures Mount
Ascension Saint Thomas Sets Date for Groundbreaking on New Hospital and Health Campus
Women in Construction Sees Growth on Florida Jobsite
Managing Soft Surfaces, Clean or Soiled