How a cyberattack on blood center is affecting Florida hospitals. There’s ‘urgent need’

Michelle Marchante
·4 min read

A ransomware attack is affecting a not-for-profit blood center’s ability to process and deliver blood to hospitals in Florida and much of the southeast.

OneBlood, which serves more than 200 hospitals in the country, has switched to a “manual process” to manage its blood supply while it works to fully restore its systems operations, according to Susan Forbes, the blood center’s senior vice president of corporate communications and public relations.

While OneBlood is still collecting, testing and distributing blood, the blood center is asking hospitals to “activate their critical blood shortage protocols” until further notice due to the slowdown of its capabilities.

And it’s asking for people to donate.

“All blood types are needed, but there is an urgent need for O Positive, O Negative and Platelet donations,” according to OneBlood.

The blood center became aware of the cyberattack on Monday and hasn’t been able to access the majority of the software system used to manage daily operations, Forbes told the Miami Herald Wednesday. It is still operating, but albeit at a “significantly reduced capacity,” Forbes said.

Blood donors, for example, are having to fill out forms by hand, rather then digitally, she said. Because the blood center has had to revert to “manual processes,” this means hospitals might see some delays in blood supply shipments.

How OneBlood cyberattack is affecting South Florida hospitals

South Florida hospitals say they are monitoring their blood supply levels following the OneBlood cyberattack. On Wednesday, Baptist Health South Florida said it has “sufficient blood supplies to support our hospitalized patients’ needs” but is in the process of rescheduling elective and nonemergency surgeries that might require blood products in “an abundance of caution” until the issue is resolved.

“Physicians are evaluating surgeries on a case-by-case basis and will communicate directly with any patients whose surgeries may need to be rescheduled,” Baptist Health South Florida said in an emailed statement to the Miami Herald. “Outpatient surgeries at our ambulatory surgery centers are not affected and are proceeding as planned.”

Jackson Health, Miami-Dade’s public hospital system, was notified about the attack on Monday and has not had “any interruption in our services,” David Zambrana, the hospital’s executive vice president and chief operating officer said Wednesday morning during the meeting of the Public Health Trust, which oversees the hospital system.

The public hospital says it’s working with OneBlood, which is its primary blood provider, to ensure patient care is not impacted.

“We have been able to procure additional units of blood from another supplier, and currently have enough inventory systemwide to continue performing the types of complex procedures that Jackson is known for – organ transplants, trauma-related surgeries, heart surgeries, and more,” Jackson Health said in an emailed statement to the Miami Herald Wednesday. “Because we do not know how long this outage will impact our supply chain, our clinical leadership is reviewing every planned surgical case requiring blood in order to ensure the limited supply is distributed appropriately, and putting processes in place to preserve this valuable resource.”

Other South Florida hospitals are also monitoring the situation.

Cleveland Clinic Weston on Wednesday said it is operating normally and that patient care is not affected, though it is “closely monitoring” the blood supply levels across all Cleveland Clinic Florida locations.

HCA Florida Healthcare, which manages Mercy, Kendall, Aventura hospitals in Miami-Dade, and University, Northwest, Woodmont Westside Hospitals in Broward, is also monitoring blood supply levels and is in the process of evaluating alternative blood suppliers and is providing “clinical guidance to support our facilities and address our patients’ needs.

Healthcare hacks are on the rise, setting a new record last year in the country, according to USA Today. Most recently, Florida’s Department of Health experienced a breach that caused death certificate delays and led to thousands of records, including HIV test results, detailed doctors notes and immunization and virus testing records ending up on the dark web.

Change Healthcare, owned by United Healthcare and the largest insurance payer at Jackson, was also struck earlier this year by a cyberattack that temporarily affected the payment process systems that some hospitals, providers and pharmacies in the country use to process medical claims for payments.

OneBlood says it’s working with cyber security specialists, as well as federal, state and local agencies to understand and address the scope of the breach. The not-for-profit says other blood centers across the country are sending blood and platelets to help. It’s also calling for more donors.

“The blood supply cannot be taken for granted. The situation we are dealing with is ongoing,” Forbes said. “If you are eligible to donate, we urge you to please make an appointment to donate as soon as possible.”