Minister claims central government backing is in addition to locally driven investments

Credit: Yui Mok/PA Archive/PA Images

By 2021, the government will have committed more than £250m in national funding over a five-year period to “to improve the cybersecurity of the health and care system” across the UK.

According to Jackie Doyle-Price, a minister at the Department of Health and Social Care, this money comes in addition to “both investment by local organisations, and wider national IT investment which supports better security, such as Microsoft licensing for NHS organisations”.

Related content

• IBM picked as NHS cybersecurity partner in three-year £30m deal
• Public sector executive pay should be linked to cybersecurity
• NHSX unit launched to oversee digital, data and technology across health service

Doyle-Price, who was responding to a written parliamentary question from fellow Tory MP Adam Afriyie, declined to provide annual spending breakdowns, claiming that “releasing this information… may assist in determining the effectiveness of detecting cyberattacks on the NHS, and could compromise measures to protect NHS IT systems, leaving them vulnerable to future cyberattacks”.

But she added that, while “the active cyber defence of NHS organisations is a local responsibility for each organisation to carry out”, central government and national health-service bodies will continue to provide practical and financial assistance.

“There is national support and practical guidance available to NHS organisations which is primarily delivered by NHS Digital but supported and prioritised for the highest-risk organisations by NHS England and the department,” she said. “In the event of national-scale incidents that affect many health and care organisations, NHS Digital plays a vital role in coordinating and ensuring appropriate technical remediation, as part of the wider cross-system cybersecurity response led by the department.”