something or nothing....
I've never worked on the NHS systems but ive worked on a lot of systems and some were NOT setup to handle this type of attack.....i would hope that the NHS endpoint PC's which are being presented with this ransomeware message are acting as Terminals i.e Installed with windows but locked down to the point that data CANNOT be saved locally to the C:\ drive. That way if the PC is infact encrypted then the patient records that the PC has been accessing are on a Network location and that network location (server) is not affected? - the PC can be re-imaged although inconvenient, recoverable to OS Level. if the PC's hold local databases loaded with patient info then im afraid someone needs an @ss kicking.
N.B would be nice to heard from someone who has worked on the NHS IT Systems at Engineer/1'st/2'nd/3'rd line level to get an idea of the setup.