I sympathise with the NHS.
If you've got a platform that works stay with it. The continual changing of platforms is a major inconvenience or worse. For all that overall things get 'better'. In quotes because you need to consider by what measure.
I still use XP. And win10 and win7. Because I have hardware that literally needs XP. And I have other hardware (and software) that needs win7 or 10.
I get more speed out of XP on my Asus A8nSLI than I do from Xubuntu. I run an HP3150 on XP where there's no drivers for anything else.
Note there's no drivers because they've chosen not to make drivers. Not because it is some sort of impossibility.
So here at home I can see the planned obsolescence and I can see the pragmatic difficulties.
Now the NHS has massive investment in critical software. I'm in Australia, I've seen the expensive debacles you can have with massive software installations especially when new. We had an enormous fiasco when the govt commissioned online Unemployment/Job Seeking software.
And I used to be a programmer.
Porting software to new OS's can easily become a nightmare. It is not a trivial exercise. Simply changing software to fit new printers can be a nightmare. Simply incorporating new reports can be a nightmare. And these nightmares cost money and time and inconvenience thousands or millions of people.
Simply because software and hardware is old doesn't make it not fit for purpose. Move a lever by hand to achieve a task. Then put in a servo motor you switch on to move it. Then remote control that servo motor. Then put in a command centre that remotely controls many such motors. Then put in a command system that oversees everything.
That's modernising. That's technological development. That's how it goes.
At the bottom that lever is being moved, is all.
We need to ask if we need all the rest of the 'development' and in the calculation we need to factor in the costs - including human cost in all aspects.
We're not in a dreamland here. Look around, enquire, and see how many banks and such are employing software written in COBOL, still to this day. How many scientific institutes are using software written in FORTRAN. And so on.
XP is not 'wide open to hackers'. That's typical media beat-up hysteria.
NEW system are 'wide open to hackers' simply because they are new, untested for the most part. Hasn't history shown that very clearly? How many security updates in the first year of win10?
All systems are 'wide open to hackers' because that's a phrase without adequate definition. A system apparently impervious to attack today, lauded and applauded, looks ridiculous tomorrow after a backdoor or an achilles heel is found.
All systems are like cities on a plain surrounded by besieging armies, the hackers.
All systems benefit by being isolated. Firewalls. Partitioning. Circuit breakers. Parts of a system that are not required to have access to other parts are ideally cut off.
All systems benefit by RAID and similar philosophies.
Tremendously sophisticated and complicated software/hardware systems with online criticality benefit from long periods of stasis wherein they are studied and improved and protected.
Demand for constant change and thoughtless unnecessary 'improvement' brings uncertainty, unanticipated issues, complication and danger.
I am totally on the side of the NHS and its managers and particularly its IT people.
It is better that it remain firewalled behind a well understood XP system, doing what it does and doing it well with securities constantly strengthened while work goes on to develop a different and parallel system on some other platform, software and hardware, that can work in parallel once created and prove its validity by running without fault and impervious to hacker attack for six months or more.
That's the way to go.
It is a question of building another system.
Not a question of attacking this one or the people that have built it, run it, protect it.