Report: Organ Transplant Data Security Needs Strengthening

September 8, 2022 Ben Denkers

Report: Organ Transplant Data Security Needs Strengthening

The national network for connecting medical centers with donated human organs faces doubts about its ability to secure data amid mounting concerns over its IT infrastructure.

The newest criticism comes from a federal watchdog review of the Health Resources and Services Administration and the nonprofit United Network of Organ Sharing. As of January, nearly 107,000 individuals were candidates on the Organ Procurement and Transplantation Network waitlist. OPTN is designated by the federal government as a "high-value asset."

UNOS, which manages its network at the administration's behest, lacked system monitoring and only had draft procedures for access controls when federal auditors conducted their review.

The OPTN "is a very 'just in time' system where the time between an organ becoming available and getting it into the right patient can be measured in days or even hours," says Benjamin Denkers, chief innovation officer at consultancy CynergisTek.

"Hackers breaching the system could create any number of disruptions to the system connecting available organs with patients in need."

A statement from an UNOS spokeswoman shared with Information Security Media Group notes that auditors concluded that "OPTN security controls 'protect the confidentiality, integrity, and availability of transplant data.'"

Publication of the watchdog report comes just days after the Health Resources and Services Administration disclosed an OPTN security compromise and just weeks after a bipartisan Senate report warned that UNOS lacks the know-how to modernize a fragile core IT network

Continue reading the full article here

About the Author

Ben Denkers

Ben Denkers is the CIO at CynergisTek where he is responsible for supporting growth, ensuring effective and efficient service delivery, and achieving the highest levels of client and employee satisfaction for CynergisTek’s security, privacy and compliance services. Denkers has nearly 20 years of experience in information security and consulting that includes markets such as finance, automotive, energy, manufacturing, and healthcare. With the threat landscape changing daily, this breadth of experience provides a unique perspective to the industry specific risks organizations face. He has been recognized for building, training, and optimizing team productivity. His strong focus on providing the operating framework, training, and development, and decisive leadership has empowered his teams to achieve tremendous success and drive business growth.

Follow on Linkedin Visit Website More Content by Ben Denkers
Previous Article
Hackers have laid siege to U.S. health care and a tiny HHS office is buckling under the pressure
Hackers have laid siege to U.S. health care and a tiny HHS office is buckling under the pressure

With a dearth of resources, the Office for Civil Rights is struggling with an overflowing caseload.

Next Article
KLAS: Security & Privacy Consulting Services 2022
KLAS: Security & Privacy Consulting Services 2022

A new report by KLAS examines several such firms to determine who effectively assists in reducing risk, eng...