NHS strikes £200m deal with Microsoft to patch cyber holes

Register and reap the benefits

Become a member of the HCSA to gain access to a variety of support tools and services.

Join us

Winter Conference 2021 Countdown

HCSA Job Board

All the latest NHS procurement job opportunities

See the latest jobs..

All NHS trusts to receive latest Windows operating system and cybersecurity Contract will cost £200m over five years Deal comes a year after worldwide ransomware attack disrupted the NHS Every NHS trust in the country will be provided with the latest Windows operating system and cyber defences in a £200m deal with Microsoft.

Ben Heather
Eight years after the last Microsoft national contract for the NHS was scrapped, the Department of Health and Social Care has confirmed a new deal, which has an emphasis on boosting cybersecurity.

Sarah wilkinsonSarah Wilkinson said the upgrade ‘will help us to keep NHS systems and data safe from attack’
It comes nearly a year after the global WannaCry ransomware attack, which severely disrupted the NHS. Several reviews criticised the government for not moving faster since to shore up cybersecurity in the NHS.

The DHSC did not disclose how much the deal was worth but HSJ has been told it will cost the department £200m over five years.

The previous Microsoft deal, which included Office products, was worth £500m over 12 years.

HSJ revealed a national deal to give all NHS organisations free access to the Windows 10 operating system was imminent last week.

Today’s announcement provides more detail about the extra Microsoft cybersecurity services that will be part of the package.

These include Windows Defender Advanced Threat Protection, which will allows NHS Digital to monitor and respond to cyber threats across the NHS centrally, including isolating infected systems or devices.

NHS trusts, which will need to opt into the deal, will also get better visibility of cyber threats when they happen and be able to move faster to isolate compromised machines.

The DHSC again confirmed its commitment to spend £150m over the next three years on improving cybersecurity in the NHS.

The £150m is not new money and will be raised through a reduction in spending on other national IT projects.

Some of the most vulnerable NHS organisations, including trauma centres, received £60m for cybersecurity improvements in the second half of 2017-18.

Health and social care secretary Jeremy Hunt said: “We know cyberattacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust.”

NHS Digital chief executive Sarah Wilkinson said: “The new Windows operating system has a range of advanced security and identity protection features that will help us to keep NHS systems and data safe from attack. This is one of a suite of measures we are deploying to protect the service from cyberattack.”

Health minister Lord O’Shaughnessy added: “Patient data must be properly protected and this significant investment will help to keep our systems resilient and up to date.”

Microsoft UK chief executive Cindy Rose said: “The importance of helping to protect the NHS from the growing threat of cyberattacks cannot be overstated. The introduction of a centralised Windows 10 agreement will ensure a consistent approach to security that also enables the NHS to rapidly modernise its IT infrastructure.”