Reporting a Potential Security Vulnerability or Concern

Epic is committed to providing secure enterprise software to its customers. We rely on our strong information security management system to guide our policies and procedures, and take great care during our software development process to avoid and address any potential security vulnerabilities. But we also recognize that not all vulnerabilities can be avoided, and we promptly investigate any reports of potential security or privacy issues in our program or software.

We encourage responsible reporting of potential security concerns using one of these methods:

  • If you are an Epic community member, you can report a potential security vulnerability or concern by contacting your Epic technical services representative or technical coordinator. We will work with you to investigate the issues you report, and we will provide guidance to the rest of the Epic community as necessary, following our standard security and privacy risk escalation process.
  • If you are a patient of a healthcare organization using Epic software, you can share your concerns directly with the organization where you receive care. Organizations using Epic software maintain and configure their instance of Epic software based on their organization’s unique needs, and may be better suited to address your concerns or findings.
  • Security researchers, security and penetration testing companies, or anyone else can report a potential vulnerability to us directly by sending an email to securitycontact@epic.com, or by calling our main number (608) 271-9000. Use the PGP Key below or contact us to provide a secure method for you to share the details of your findings.
  • If you have concerns about the adherence to our information security management system, email securitycontact@epic.com or call our main number at (608) 271-9000.

Please note that Epic does not offer compensation for reporting potential vulnerabilities or other issues in the software.

Public PGP Key

—–BEGIN PGP PUBLIC KEY BLOCK—–

mDMEZLhH6BYJKwYBBAHaRw8BAQdA9KszoYd0Yx89TPkrHaPihR0tu4/ogrLhlKND
Tq804Im0KEVwaWMgU2VjdXJpdHkgPHNlY3VyaXR5Y29udGFjdEBlcGljLmNvbT6I
mQQTFgoAQRYhBJLK2i0d3Eq/ikOEJ5k60mZOGxylBQJkuEfoAhsDBQkFpLqoBQsJ
CAcCAiICBhUKCQgLAgQWAgMBAh4HAheAAAoJEJk60mZOGxylFW8BAIGfoMneNu22
NRGKbMZQt6aNbRFYPE00BQLj5tafQjo2APwJoTV/Z+yUjnrugxIOokYFQtCchVtW
IA8DikpnAIKDCbg4BGS4R+gSCisGAQQBl1UBBQEBB0AMJnITfqnli4TRlthByu1j
J+GhtL9bd19yfAz7jMIIKQMBCAeIfgQYFgoAJhYhBJLK2i0d3Eq/ikOEJ5k60mZO
GxylBQJkuEfoAhsMBQkFpLqoAAoJEJk60mZOGxylhYoA/3GTdADDgzuKFe8qMaaN
DgGcUCUr0fP9Lh6KiSlMZh4BAQD4/jO8KkyTNou4YR8tStC9RglWlTjPXhQYPA5m
JHW9BA==
=h9Ga
—–END PGP PUBLIC KEY BLOCK—–

FacebookLinkedInYouTube
Copyright © 2024 Epic Systems Corporation.