Surviving a Hack on the Hospital: A Stewardship Program Perspective

Reviewed by Erica Stohs, MD, MPH, University of Nebraska Medical Center 

How reliant on IT we are to carry out antimicrobial stewardship and health care in general never becomes more apparent than during a cyberattack. The University of Vermont Medical Center (UVMMC) shared their experience and stewardship program adaptations in the May 2021 issue of ICHE. 

An abrupt shutdown of internet infrastructure, electronic health record (EHR), and paging and email communication for 26-days forced UVMMC to adapt to a new reality. This included in-person trips to the pharmacy for antimicrobial surveillance, the microbiology lab for positive blood culture results, word-of-mouth advice to switch vancomycin courses to daptomycin or ceftaroline, and suspension of prior authorization of restricted antimicrobials. 

UVVMC was not the only the hospital to suffer a cyberattack in 2020. At the Nebraska Medical Center, we also endured a similar attack for 9 days in September 2020. An abrupt transition to paper and fax without instantaneous access to comprehensive patient data and the finely tuned order sets and safety checks built into the EHR similarly changed our antimicrobial stewardship priorities to the basics: ensuring bacteremic patients received appropriate antimicrobials while avoiding those requiring time-sensitive therapeutic drug monitoring. 

UVVMC’s proposed stewardship emergency preparedness plan is a worthwhile read as your own institution prepares for the unfortunate scenario should a hack befall your hospital system.


Lindsay M Smith and John W Ahern. Antimicrobial stewardship during a cyberattack. ICHE 2021 June 9;1: EPub. DOI: 10.1017/ice.2021.235

We use cookies to help improve your experience