Notice of Security Incident

At Great Plains Regional Medical Center, we value our patients and understand the importance of protecting their information. We recently addressed a cybersecurity incident that involved some of that information. This notice explains the incident and measures we have taken in response.

On September 8, 2024, we suffered a ransomware attack on our computer system. We secured our systems and began an investigation with the help of a cybersecurity firm. This investigation showed that an unknown person accessed and encrypted files on our systems between September 5, 2024 and September 8, 2024. We learned that the bad actor copied some of those files. We quickly restored our systems and returned to normal operations, but we also determined that a limited amount of patient information was not recoverable.

The patient information varied by individual, but may have included: name, demographic information, health insurance information, clinical treatment information, such as diagnosis and medication information, driver’s license number, and/or in some instances, Social Security number.

We are mailing letters to affected patients and offering free credit monitoring to those whose Social Security number or driver’s license number may have been involved. If you believe you are affected by this incident and do not receive a letter by December 7, 2024, please call our dedicated assistance line available at 855-278-0557, Monday through Friday, 9:00 AM to 9:00 PM Eastern Time.

We want to assure our community that we are taking this matter very seriously. To help prevent something like this from happening in the future, we have and will continue to take steps to enhance the security of our systems.