@Michael
It would depend on what you mean by "needed for patient care", if you are talking about the machines that run things like: the intensive care equipment or operating theatre equipment then, no, they are not connected to the internet or the rest of the hospital network (at least, not where I work).
If, however, you mean things like patient records, lab results, radiology results, etc, etc, (all of which are "necessary" for patient care. Come to think of it, it *could* be argued that pretty much every machine on our network is needed for patient care, otherwise what is it doing there?) then I think you'll find that they will be connected to the rest of the hospital network and the internet at large, although not directly obviously.
With regard to email, we do find it quite important that people can get at their email from any machine with the caveat that it is their hospital email account they are accessing. We don't allow any access to webmail (Hotmail, et al) or allow IMAP/POP3 access to personal email accounts if that is what you were referring to.
Where I am, standard users do not have access to USB ports or the ability to install their own software but I can't speak for any other part of the NHS. Christ! Some of our users I wouldn't trust with a pencil and paper never mind a PC, but they aren't employed for their IT skills are they?