Skip to main content

GitHub Organisation User Access Policy

1: Purpose

This policy outlines the eligibility criteria for adding OpenSAFELY Full Users to the OpenSAFELY GitHub Organisation. It contains the following sections for reference:

  • Purpose
  • Scope
  • Policy requirements
    • Eligibility
    • Removal of access
    • Changes and updates
  • Notes

2: Scope

This policy applies to all OpenSAFELY Users with NHS Approved Research Projects. This policy is not aimed at OpenSAFELY support staff who require access to maintain the service.

3: Policy requirements

3.1 Eligibility

Access to the OpenSAFELY GitHub Organisation is only granted when all of the following are met:

  • The researcher is an OpenSAFELY Full User or Collaborator, which demonstrates that they meet all of the requirements to use the OpenSAFELY GitHub Organisation, and;
  • Their OpenSAFELY project has been approved by NHS England, which provides the purpose for their membership of the OpenSAFELY GitHub Organisation.

3.2 Removal of access

Access will be revoked when an OpenSAFELY Full User no longer requires access to the OpenSAFELY GitHub Organisation. For example, where they are no longer part of a live project.

3.3 Changes and updates

If a former member of a project team requires reinstatement of their OpenSAFELY GitHub Organisation access, for example to make further updates to their code, this must be a formally requested must be made by the current Project Lead to . Alternatively, the Project Lead or Co-Pilot may make updates on their behalf, with the agreement of the OpenSAFELY Service Team.

4: Notes

  • The OpenSAFELY GitHub Organisation contains all of the OpenSAFELY research code. An OpenSAFELY GitHub Organisation member has the ability to contribute to code within any repository (repo) contained within the Organisation, whether they are public or private. Anyone can see code within public repos, but only members of the OpenSAFELY GitHub Organisation can see the code within private repos.
  • Researchers do not require access to the OpenSAFELY GitHub Organisation in order to start writing code. They can create a research repo from the OpenSAFELY template in their own GitHub account. Researchers can work on their research repo, using dummy data and, when their OpenSAFELY Project Application has been approved, they can transfer that code into the OpenSAFELY GitHub Organisation.
  • Only OpenSAFELY Full Users, within the OpenSAFELY GitHub Organisation, with the correct JobServer access and VPN access, can run code against the real patient data within the backend.

Last updated: 13 January 2026