NYU Langone Health Baltimore, New York, United States
Background/Case Studies: A ransomware attack can disrupt blood collections and distribution in the US, allowing for a negative impact on patient care. In early 2025, one of our blood suppliers experienced a ransomware attack, disrupting its operations and capacity to collect, test, and distribute blood. In response, our health system comprised of four main hospitals, developed a systemwide electronic inventory tracker to monitor and facilitate strategies to maintain par levels to support patient services.
Study
Design/Methods: An electronic inventory tracker was created where each site documented daily blood product volumes, categorized by type of product and blood group. It also captured orders placed. Each site’s minimum inventory was provided and incorporated into an overall target inventory. The tracker was automated to flag green if inventory was ≥ 92% of target inventory, yellow if inventory was between 80-91% of target inventory, red if inventory was ≤ 79% of target inventory, and purple if there was no minimum inventory required.
Results/Findings: The inventory tracker was accessible to all four blood bank teams and senior hospital leadership. This enabled us to closely monitor inventory at all sites at a glance and to quickly identify sites with low inventory and the need for intervention. Monitoring began 2 days after the cyberattack. During the critical first 11 days of inventory tracking, supply for RBCs and cryoprecipitate never fell below the minimum threshold. Frozen plasma and platelet supply did drop below minimum levels but recovered within 1 day for plasma and 4 days for platelets. To help offset a lower inventory of blood at two of the smaller campuses, it was decided that blood would be shipped from another hospital within the system. We also leveraged the different individual vendor contracts for each hospital, to meet the overall needs of the system. The use of the inventory tracker was discontinued once it was determined the blood supplier had stabilized critical services and they were able to meet the demands of blood provision, in alignment with the pre-cyber-attack levels. No other measures needed to be implemented during this crisis. Conclusions: Ransomware attacks are becoming more common in healthcare and it can have a major impact on the blood banking community. A systemwide inventory tracker on the hospital end is a useful tool to circumnavigate possible interruptions to blood supply and ensure an appropriate inventory to support routine patient care.
