Policy & Regulation

NHS to close-source hundreds of GitHub repos over AI, security concerns

AI Quick Briefs Editorial Desk · May 5, 2026
NHS to close-source hundreds of GitHub repos over AI, security concerns

The UK’s National Health Service (NHS) has ordered its technology leaders to close-source hundreds of GitHub repositories by a May deadline. This means that many software projects which were previously open for public collaboration and review will become private, inaccessible to outside developers. The move is driven by concerns around security risks and the potential misuse of these projects in developing advanced artificial intelligence systems, particularly those connected to Anthropic’s Mythos model.

This decision is important because it highlights the growing tension between open-source software and the rising threats linked to AI technology. Open source has long been a cornerstone of innovation, allowing developers worldwide to build upon existing tools and improve software rapidly. By reversing this approach, the NHS risks slowing down collaboration and innovation within healthcare technology, which often relies heavily on open-source contributions. On the other hand, shielding repositories could protect sensitive health-related code from being exploited or contributing inadvertently to AI models that may have opaque or harmful capabilities.

The NHS’s move comes amid broader concerns about how AI models are trained and the kinds of data they absorb. Anthropic’s Mythos is known for using large amounts of data to build advanced reasoning abilities. However, healthcare organizations must carefully manage the exposure of proprietary or sensitive healthcare-related code. The worry is that open-source projects could be scraped or incorporated into AI training datasets without permission, raising privacy, security, and ethical issues. In an environment where healthcare data confidentiality is paramount, keeping code private can add an extra layer of control.

This action signals a shift toward more cautious handling of open-source projects within sectors critical to security and privacy. Other organizations may follow the NHS’s lead if they feel their code or data could be used in unexpected or harmful ways by AI systems. This also points to increased regulatory and governance pressure around AI and data security in the near future. Developers and healthcare IT teams should prepare for stricter controls and a possible slowdown in open collaboration practices. Watching how the community balances innovation with security will be crucial as AI continues to evolve.

The NHS decision is a clear sign that AI’s rapid growth is prompting new approaches to software development and sharing. The next steps will likely involve creating new frameworks to guide what can be open and what must remain closed. This could include better licensing, enhanced security auditing, or AI-specific regulations that address these concerns. Those involved in open source and AI should keep an eye on government and industry responses, as the balance between openness and protection gets redefined.

— AI Quick Briefs Editorial Desk

Read Full Article →
Related
Every government has an AI strategy. Dubai just gave its private sector a deadline.
Every government has an AI strategy. Dubai just gave its private sector a deadline.
The EU built the world’s most comprehensive AI regulation. It does not give Europe access to the AI that matters most.
The EU built the world’s most comprehensive AI regulation. It does not give Europe access to the AI that matters most.
Five Eyes spook shops warn agentic is too wonky for rapid rollout
Five Eyes spook shops warn agentic is too wonky for rapid rollout
Stay ahead of AI Get the most important AI news delivered to your inbox — free.
Subscribe →