Question to the Department of Health and Social Care:

To ask the Secretary of State for Health, what changes have been made to NHS IT systems and cyber security since the cyber attack in May 2017.

The National Health Service has robust measures in place to protect against cyberattacks, and since May we have taken further action to strengthen resilience and guard against future attack, including new, unannounced cyber security inspections by the Care Quality Commission, £21 million in funding to improve resilience in trauma centres, and enhanced guidance for trusts.

Work is underway to determine the fastest and most cost effective way to move the NHS off unsupported operating systems, and we are working with the NHS to ensure unsupported systems are urgently upgraded, removed or isolated. The Department has also signed a Customer Support Agreement with Microsoft that will issue regular patches and updates for all existing Windows devices operating with Windows XP, Windows Server 2003, and SQL 2005.