On January 13, 2026, Epic Systems (University of Pittsburgh Medical Center’s electronic medical records vendor) notified UPMC that a health information network named “Health Gorilla”, and certain participants of this network, improperly accessed medical records available through the national network used to exchange medical information.
The purpose of the national network is to allow health providers to exchange information for the treatment of their patients. UPMC is required to participate in this national network and is required to comply with applicable federal laws as a condition of participation. Certain participants of this network electronically requested information under the pretext of providing treatment to shared UPMC patients and allege they had permission to do so.
In addition to this notice, UPMC provided written notice to individuals who may be affected by this incident. The information involved included a list of UPMC encounters. This may include affected individuals’ demographic information, such as name and date of birth, and information such as clinical notes, reason for visit, diagnoses, medical history and any related orders or testing. No Social Security Numbers were involved in this incident.
Redefining What Mental Health Facilities Look Like
Managing High-Volume Laundry Operations 
Optimizing the Engineering Design of Ambulatory Care Facilities
Construction Completed on Washington Health Urgent Care Facility in California