The Department of Health and Social Care (DHSC) has invested £114m into IT budgets and staffing figures.
The move showcases its ongoing investment into digital infrastructure to support the UK’s healthcare system amid a significant NHS restructure.
The UK Government recently announced the restructure, which places it back under full DHSC control.
It is aiming to streamline decision-making, improve efficiency and better integrate digital transformation efforts across the NHS.
The IT budget for the 2024/25 financial year is set at £29.1m, excluding staffing costs, which is a decrease from the 2023/24 financial year where the total budget stood at £37.7m.
Between 2022 and 2023, the budget was £47.2m – the highest recorded IT budget.
This data was retrieved under the Freedom of Information Act (FOI) and analysed by the Parliament Street think tank, observing the spending of the department over the past three financial years.
PLC emerges from year-long administration as private company
Stuart Harvey, CEO of Datactics commented: “Investing in IT is more than just upgrading infrastructure. Equally as important is ensuring that the data flowing through that infrastructure is of the highest quality and well-governed.
“70 per cent of government bodies are already piloting or planning to use AI, highlighting the urgent need for high-quality, structured, and secure data. Without a focus on data integrity, even the most advanced AI systems will struggle to deliver meaningful insights.
“To fully capitalise on AI’s potential, IT budgets must prioritise robust data governance, to ensure that data is accurate, well-managed, and ethically sourced to not only enhance efficiency but also drive better patient outcomes and support evidence-based decision-making.
The Government’s sustained investment in IT suggests that it is committed to enhancing digital services across the healthcare sector.
Andy Ward, SVP international, Absolute Software, added: “The Department for Health and Social Care’s continued investment in IT infrastructure is a critical step in modernising the UK’s healthcare system, but cybersecurity resilience must be a top priority.
“Without it, healthcare organisations remain exposed to cyberattacks, data breaches, and operational disruption.
“Our latest research shows that 15 per cent of healthcare PCs fail to meet basic security and compliance standards, leaving hospitals, clinics, and care facilities vulnerable to ransomware threats.
“Additionally, delayed patching remains a persistent issue, with endpoints lagging on updates by an average of 48 days-giving attackers a window of opportunity to exploit known vulnerabilities.
“Healthcare organisations must ensure these investments are directed towards building long-term resilience. This means proactively closing security gaps, automating patch management, and strengthening endpoint protections to prevent disruption before it happens.
“In an industry where cybersecurity is patient safety, resilience isn’t just necessary, it’s non-negotiable.”