Concerns are mounting regarding the potential cybersecurity vulnerabilities facing the NHS as organizations grapple with the transition to Windows 11. With Microsoft set to discontinue security updates for Windows 10 on October 14, 2025, many institutions are finding that their existing hardware may not support the upgrade.
Challenges in Transitioning to Modern Systems
James Rawlinson, director of health informatics at the Rotherham NHS Foundation Trust, shared insights with Digital Health News about the significant changes in technology usage within the NHS since the onset of the pandemic. He noted, “When lockdown happened on March 16, 2020, the NHS distributed more laptops in a single day than ever before.”
This shift has altered the traditional balance of devices within the NHS, moving from a configuration of approximately 70% desktop PCs and 30% laptops to a current estimate of 80% laptops. Rawlinson pointed out, “Laptops have a shorter lifespan than desktop computers, and those issued during lockdown are now five years old, necessitating updates.”
The implications of this aging technology are profound, particularly for chief information officers (CIOs) across Yorkshire and Humber. Rawlinson expressed concern that the NHS capital budget has not expanded to accommodate the urgent need for updates to aging equipment. “We are facing a tsunami of events—outdated devices that require upgrades alongside the pressing need to transition to a major Windows update,” he explained. “This situation heightens our cybersecurity risks, as we will lack patches and security updates for Windows 10 devices.”
To address these challenges, Rawlinson emphasized the necessity for national capital funding aimed at enhancing the underlying technology infrastructure within healthcare.
In a blog post published in October 2024, Microsoft’s Yusuf Mehdi, executive vice president and consumer chief marketing officer, highlighted the importance of adapting to evolving security threats. He stated, “We designed Windows 11 to be the most secure version of Windows ever—by default and design—to help you stay ahead of those risks.”
A spokesperson for NHS England reassured stakeholders, stating, “We negotiated a five-year deal with Microsoft that provides all NHS organizations with the latest suite of Microsoft security solutions to ensure that their systems are up to date and secure. Local organizations are responsible for managing any necessary upgrades themselves, and we are encouraging all organizations to complete their transition to Windows 11 before Microsoft’s support for Windows 10 ends in October.”
The issue of outdated hardware is not new for the NHS. A report on IT published by the British Medical Association (BMA) in 2022 revealed that over 13.5 million hours of doctors’ time were lost annually in England due to delays caused by inadequate or malfunctioning IT systems and equipment. Furthermore, a BMA survey indicated that 80% of doctors believe that improving IT infrastructure and digital technology would positively impact efforts to tackle backlogs, with 72% prioritizing the update of inefficient hardware.
