Data Privacy Incident: Great Plains Health’s Notice Regarding Westat

In an alarming turn of events, Great Plains Health has been compelled to issue a data privacy breach alert, concerning its collaboration with third-party partner, Westat, Inc. This breach could potentially affect a limited number of individuals whose personal data has been compromised. Great Plains Health joined forces with Westat to participate in a crucial health-related study initiated by a government agency. While no malicious use of this data has been detected, the hospital is taking no chances in keeping its patients informed.

A Security Crisis Unfolds

The breach came to light when Westat, on May 30, 2023, observed unusual activities in its MOVEit Transfer software. Subsequently, MOVEit revealed a zero-day vulnerability that had hit numerous companies from various sectors. Westat wasted no time in securing its system and enlisted the help of forensic specialists to dive deep into the incident.

The subsequent investigation brought alarming revelations. Unauthorized access to data stored on the MOVEit server had occurred between May 28 and May 29, 2023, leading to a precarious situation for the involved parties. What sent shockwaves through the system was the kind of data that was affected – data belonging to medical providers, including Great Plains Health. This has raised serious concerns regarding patient privacy and the potential consequences of this breach.

The Breach: What’s at Stake

The compromised data includes personal information that is nothing short of gold to identity thieves. Names, demographic information, and clinical data related to hospital visits are all now in jeopardy. Patients’ privacy has been invaded, and the implications could be dire.

What Can You Do?

Great Plains Health, along with all parties involved, is urging patients to take immediate steps to protect themselves. This means keeping a close eye on your financial accounts and statements, as well as reviewing any explanations of benefits for any suspicious activity. If anything seems amiss, you are strongly encouraged to report it to your insurance provider, healthcare facility, or financial institution.

This incident underscores the ever-present risks of data breaches in our digital age, emphasizing the need for unrelenting vigilance and stringent data protection measures. Healthcare providers must be at the forefront of securing patient data, and collaborative efforts between healthcare institutions and their partners are vital in such challenging times. Patient trust, privacy, and security remain paramount, and it’s imperative to uphold these principles in the face of evolving cyber threats.