Responsible Disclosure Statement
If you believe you’re aware of a potential security vulnerability, please let us know by emailing our Information Protection & Security team directly at Information.Protection@hcahealthcare.com. We also maintain an ethics line (1-800-455-1996) to receive concerns about a violation of our Code of Conduct or policies and procedures.
Please review the following prior to submitting:
- We ask that you work with us to diagnose and correct a vulnerability prior to publicly disclosing it to ensure the safety and wellbeing of our patients and systems.
- We ask that you refrain from including sensitive information in any submission to us, e.g. patient identifying information, as part of your initial submission to us.
- We ask that you not perform vulnerability or similar testing on products that are actively in use for public safety reasons.
- We ask that you not take advantage of any vulnerability you have discovered.
Last Updated: December 10, 2020