NHSX is an open and transparent organisation. We believe that the people who employ us – the public – have a right to see the code we create. They have the right to understand the algorithms we use. They should be able to examine the code for flaws, and be able to suggest improvements.
NHSX uses open-source technology. The NHS benefits from free access to technology and the ability to swap between multiple suppliers.
What is 'open source'?
Computer code is written in a human-readable form. It is then compiled into a machine-readable form.
Programs are usually distributed in binary code. A human cannot easily understand what the code does, and cannot easily change how the code works.
Open source is the act of publishing the human-readable source code so that anyone can read and understand it. As well as publishing the code, we also give it an open-source licence. This defines what the user can – and cannot – do with the code.
For example, a user is free to modify the code, reuse it and even sell it. But they must not claim we endorse their use and they may have to make their changes open as well.
A full definition is available through the Open Source Initiative.
Code in the open
GDS guidance is that we should code in the open. This means every line of code we write is publicly published – we don’t wait until our project is finished.
Working this way has several advantages:
- it encourages good practice. When other people can see your work, you tend to raise your game
- it makes collaboration easier. If code is open, it's easier to work on it with others in the same or different departments
- external users can help make it better. Open code makes it possible for people who don’t work for you to make improvements to your code
- other departments can learn from your work. We want to reduce costs throughout government. If another department can reuse our code, that’s a huge cost and time saving
- it improves transparency of government’s work. When code is developed in the open, you can see where public money goes
- it clarifies ownership. We want government to own and be able to make changes to its services, and lack of clarity on intellectual property can be a barrier to that
- it helps make government technology seamless. People who move between departments share knowledge of projects they were working on, because it’s all open
- it’s a great recruitment tool. Developers get to see the way we work before they apply for a job here and a public 'portfolio' of a developer’s contributions to important projects is great for attracting talent
What about security risks?
The National Cyber Security Centre (NCSC) has assessed the security risks of coding in the open and does not consider them to be significant. It believes that working in the open encourages good security practices and allows other departments to contribute security patches.
GDS has produced guidance on security considerations.
Several high-profile security organisations, including GCHQ, NCSC and the National Crime Agency, publish open source. If they can do it, so can we!
Reuse open source code
As well as publishing our code in the open, NHSX must also use open-source technology.
For example, WordPress is the software that powers this blog. There are many providers of blogging tools – but WordPress is open source. That means it is free for us to use. We can modify it to meet our needs without having to go through a long and expensive tendering process.
When we want to procure new software, we consider open source along with proprietary products.
Make things open – it makes things better
This isn’t just a nice-to-have, optional extra. Open source is a core strategy for creating better technology, which directly leads to better outcomes in the NHS and social care.
If we get this right, we save time, effort, money and lives.
*Answer: to work out the tax, the price should be multiplied by 0.2 not 20!
Comment by belen posted on
It's great to see public institutions embracing open source. Well done!
I do have a question, though. A key element of open source is contributing back, i.e. helping the communities that maintain the open source software we use. This is extremely important for the sustainability of open source software. How is NHSX contributing back?
Comment by Terence Eden posted on
Great question. We'll be contributing back in a few way.
Firstly, we've sponsored the UK Open Source Awards. We hope to get involved in more community events like this - promoting and celebrating open source is a key way to give back.
As we use more open source components, we will adapt them to our needs. We will, of course, share those changes back upstream. If they're useful, we hope to see them adopted.
Finally, we'll be encouraging businesses which create open source to bit on NHS projects.
Thanks for the comment.