NHSE to move away from open source over AI security concerns
- 5 May 2026
- NHS England will make all code repositories private by default from 11 May to reduce security risks linked to advanced AI models
- Public access will only be granted in exceptional cases
- The move has drawn mixed reactions, with cyber security experts supporting caution while open source advocates warn it undermines previous commitments
NHS England has restricted access to some of its open source code to strengthen security amid concerns about the impact of AI models.
Open source software allows source code to be publicly viewed and scrutinised, in contrast with closed sourced software, where only the vendor can see how the system works.
Software produced by the NHS has previously been made open source and listed on GitHub, allowing other organisations to build upon it and make better services more cheaply without duplicating effort.
However, NHS England has issued new guidance to staff, seen by Digital Health News, which states that “all source code repositories must be private by default” from 11 May 2026.
It adds that “repositories must not be public unless there is an explicit and exceptional need, and public access has been formally approved by the Engineering Board”.
An NHSE spokesperson told Digital Health News: “We are temporarily restricting access to some NHS England source code to further strengthen cyber security while we assess the impact of rapid developments in AI models.
“We will continue to publish source code where there is a clear need.”
The guidance adds that “public repositories materially increase the risk of unintended disclosure of source code, architectural decisions, configuration detail, and contextual information that may be explored – particularly given rapid advancements in AI models capable of large-scale code ingestion, inference, and reasoning (e.g. developments such as the Mythos model).”
It states that “this red line establishes a default-closed posture for code while the organisation assesses the impact of these changes and ensures that any public publication of code is a deliberate, reviewed, and justified decision”.
Teams can make repositories private at any time, but those that have a need for an exemption must declare this to the NHS Engineering mailbox by close of play on 6 May 2026.
Mythos is one of Anthropic’s latest models developed as part of its broader AI system called Claude, which the company says can outperform humans at some hacking and cyber-security tasks.
Commenting on the shift to private code, Saif Abed, founding partner of cybersecurity advisory services, The AbedGraham Group, said: “This is a sensible temporary step considering the rapidly changing threat landscape driven by emerging AI models.
“Next however I would expect a transparent and published assessment of the threat posed to the NHS by systems such as Mythos coupled with a funded strategy to mitigate the risks. This would be in the interests of both patient safety and national security.”
However, in a blog titled ‘NHS Goes To War Against Open Source’, Terence Eden, former senior technology advisor and head of open technology at NHSX and former technical specialist architect for the UK government, voiced his disagreement about NHS England’s decision.
“I’m beyond disappointed at recent moves from NHS England to backtrack on all the previous commitments they’ve made about the value of open source to the UK’s health service,” he posted.
Eden urged people to email their MPs and “tell them that the NHS is wrong to shutter its world-leading open source repositories”.
“Don’t let them take away your right to see the code which underpins our nation’s healthcare,” he added.
An open letter, published on 1 May 2026, which asks NHSE to keep its code open has so far gained 74 signatures.
In December 2025, NHSE removed open source policy pages from its websites, which it said was part of a regular clean-up exercise for the NHS website.
