NHS £150m Microsoft deal will banish Windows XP

Written by Sam Trendall on 2 May 2018 in News

Health secretary announces investments in cybersecurity, including pledge to install Windows 10 across the board by 2020

The government has signed a £150m deal with Microsoft to improve the cybersecurity of the NHS.

The contract includes provisions to make sure that “all health and care organisations are using the latest Windows 10 software with up-to-date security settings”. It is understood that all NHS organisations must migrate machines running previous versions of the operating software to Windows 10 by 14 January 2020 – the date on which Microsoft will cease support for Windows 7.

Following last year’s WannaCry ransomware attack, the NHS faced criticism for the fact that many trusts still had at least some computers running on XP. At the time, the NHS said that 4.7% of machines were still using the software – which was released in 2001.

Microsoft stopped supporting XP in 2014, but the government agreed a £5.5m deal with the software giant to maintain support for the numerous UK public sector customers still using the software. Since this deal expired in 2015, XP machines have been unsupported.

Related content

In addition to rolling out Windows 10 across the NHS, the £150m deal includes £21m to upgrade firewalls and other network hardware, and £39m to help trusts eliminate “weaknesses” in their IT infrastructure.

Healthcare providers will also be required to comply with 10 security standards laid out in a “data security and protection toolkit”. 

The NHS is also to implement a text message alert system, so information is available to trusts even if internet and email services are disconnected.

Health and social care secretary Jeremy Hunt said: “We know cyberattacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust. We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS against this threat. This new technology will ensure the NHS can use the latest and most resilient software available – something the public rightly expect.”

Sarah Wilkinson, chief executive of NHS Digital, added: “We welcome the secretary of state’s commitment to prioritise cybersecurity. The new Windows operating system has a range of advanced security and identity-protection features that will help us to keep NHS systems and data safe from attack. This is one of a suite of measures we are deploying to protect the service from cyberattack.”


About the author

Sam Trendall is editor of PublicTechnology

Share this page




Please login to post a comment or register for a free account.

Related Articles

DHSC chiefs acknowledge slips in record-keeping over £600m Covid testing contracts
23 June 2022

Leaders of health department and UKHSA admit to MPs that some meetings with Randox went undocumented

DWP signs potential £50m Atos deal for IT system to support personal independence payment assessments
16 June 2022

Platform will go live with assessment providers next summer

Cybersecurity: MoJ signs £1m ‘incident response and investigation’ partner
15 June 2022

Ministry becomes latest department to retain external help in responding to attacks

EXCL: Wall of silence surrounds plan for nationwide collection of citizens’ internet records
26 May 2022

Online notice reveals controversial trials are to be expanded into a national service – about which government, law enforcement, watchdogs and all the UK’s major ISPs declined to answer questions...