Here's El Reg, from 3 February this year:
Sophos update borks systems at London NHS trust
The security of NHS systems is becoming a growing cause of concern because of their continuing reliance on obsolete Windows XP systems, the rise of ransomware attacks in hospitals worldwide and other factors.
Nearly half (45 per cent) of NHS trusts scan for application vulnerabilities just once a year, with less only 8 per cent doing so on a daily basis. The figures comes from a series of Freedom of Information (FoI) requests to 36 hospital trusts by application security firm Veracode. It warns that failure to regularly check for problems leaves patient data at risk of cyberattacks through legacy websites and third-party plugins.