Re: Migration to Office 365 and Cloud Services etc
Quick answer is "yes, but". All cloud services for NHS and wider .gov.uk use are required to adhere to tighter information governance certifications and standards than would necessarily be the case for a private company or user. In many respects this is more secure than can be reasonably achieved by a local NHS Trust due to budgets, expertise etc...
New rules regarding ISO certification for NHS email solutions, for example, mean getting internal solutions up to standard and certified or some other option of which Office365 is a possibility.
Please note that UK Data Centres Only is a requirement. No data leaves the UK. Encryption in transit and at rest is minimum mandatory.