UNOS carries out our work with a deep commitment to accountability and transparency. Our strong performance is reflected in our business practices, accreditations and certifications:
Better Business Bureau Accreditation
UNOS meets all of the Better Business Bureau (BBB) Wise Giving Alliance Standards for Charity Accountability. A BBB-accredited charity is an organization that is tax exempt under section 501(c)(3) of the Internal Revenue Code and that meets all 20 of the BBB Wise Giving Alliance Standards for Charity Accountability, based on a review of information and materials provided by the organization.
Organizations that comply with these accountability standards have provided documentation that they meet basic standards:
- In how they govern their organization
- In the ways they spend their money
- In the truthfulness of their representations
- In their willingness to disclose basic information to the public
System Security-Federal Certification
UNOS developed an online database system, called UNet℠, to collect, store, analyze and publish all data that pertains to the patient waiting list, organ matching and transplants. This data collection and management system meets the highest security standards for federal computer systems.
The confidentiality, integrity and availability of the data collected must be protected from unauthorized use, modification or deletion. Each of these sensitivity criteria is rated on a scale of high, moderate and low. The sensitivity scores are assigned by determining the potential impact on organizations or individuals should there be a breach of security.
- Confidentiality for the UNet system is rated as moderate due to the personally identifiable information collected and used in organ matching.
- Integrity is rated as high due to the effect of unauthorized modification of the data on wait list maintenance and organ matching.
- Availability is rated as moderate due to the adverse effect of unavailability on wait list maintenance and organ matching.
To ensure the UNet application and supporting infrastructure support the needed levels of confidentiality, integrity and availability, the OPTN contract requires the system to be certified and authorized to operate every three years. The certification and authorization process includes an audit of documents required by the Health Resources and Services Administration that report compliance with security regulations, an audit of the infrastructure that supports UNet, and penetration tests where auditors attempt to access and compromise the infrastructure and UNet.
ISO 9001 is an international standard that provides the specification for a quality management system. Several UNOS departments (DEQ, IT, Membership and the Organ Center) have been certified since 2004. The ISO-certified areas are committed to continually improving the effectiveness of their quality management systems and to achieving superior customer satisfaction through leadership that promotes employee involvement and world-class performance through meeting relevant quality objectives and metrics.
Enterprise Risk Management (ERM)
UNOS has implemented an enterprise risk management (ERM) system to evaluate and alleviate apparent risks and make improvements to operations while keeping the goals and mission of the organization in focus. UNOS uses an outside consultant to review its departmental functions and processes. Risks and process improvements are identified and ranked. Responses and process changes that address the risk or improvement are formulated and monitored for their progress toward implementation.