• DHSC figures show £80m less spent than planned on “provider digitisation” in 2017-18
  • Majority of money shifted to pay for £63m boost for cyber security
  • Comes after quarter of billion on tech funding went unspent in 2016-17

Tens of millions of pounds earmarked to create a new cohort of digitally advanced trusts was diverted to pay for urgent cyber security improvement in the wake of the WannaCry attack, HSJ can reveal.

It comes after HSJ reported in January that more than quarter of billion of “digital transformation” funding went unspent in 2016-17 and a recent history of tech funds being cut or raided to support other parts of the service.

The new health and social care secretary Matt Hancock has made technology one of his three early priorities in the job.

Figures provided to HSJ under the Freedom of Information Act 2000, show that in 2017-18 the Department of Health and Social Care planned to spend £202.6m on “provider digitisation”.

Provider digitisation funding is aimed at raising the poor standard of clinical IT systems across many trusts, particularly in the acute sector.

Thus far, the vast majority of funding has gone to support 23 trusts to become “digital exemplars”, which are developing templates for other, less advanced, trusts to follow.  

Central digital spending in 2017-18

Provider digitisation

Planned: £202.6m

Actual: £121.6m


Planned: £49m

Actual: £35.3m

Cyber security

Planned: £8.7m

Actual: £72.4m

Source: Department of Health and Social Care

However, figures provided to HSJ show the DHSC’s actual spend for 2017-18 on provider digitisation was £121.6m, £81m less than planned.

The figures also showed that £13.7m of the £49m planned for Wifi in primary care and hospitals went unspent in 2017-18.

A DHSC spokesman confirmed most of this money had been diverted to pay for cyber security, in response to the WannaCry ransomware attack. Cyber security spending was £63.7m higher than planned in 2017-18, although it is unclear how much of this money was distributed directly to trusts.

The spokesman said: “The provider digitisation and cyber security spend should be seen within the context that both programmes directly support digitisation and robust infrastructure in local organisations.”

NHS England has not responded to HSJ’s requests for a full breakdown of which trusts have received additional cyber security spending.

This rise in cyber security spending does not fully account for cuts for provider digitalisation. Figures disclosed offer only a partial picture of how the centre is spending its multibillion pound “digital transformation” fund in 2017-18.

This fund also underwent a “re-prioritisation” last year, the details of which have not been made public.

DHSC has thus far refused to release a full breakdown of central digital transformation spending for 2017-18. A DHSC spokesman said a new annual report from NHS chief clinical information officer, Dr Simon Eccles, expected later this summer would provide more detail.

In May, Dr Eccles told HSJ that “greater clarity” was needed on central digital spending.

According to DHSC’s 2017-18 annual report, the diverted cyber security funding has gone to help “local infrastructure address key cyber weaknesses, including major trauma centres and ambulance trusts”.

Responding to the figures, Matthew Honeyman, a policy researcher at the King’s Fund, said: “Historically, funding was often diverted before reaching the front line, despite government recognition of this need to invest.

“These figures would suggest that is changing. A new secretary of state with a clear interest in technology and the upcoming NHS 10 year plan are opportunities to build on this, renew commitments to invest and ensure that investment flows to local services.”