In Healthcare, The AI Now Comes To The Data: Why Inference Is Moving Onto The Ward
Regulated care is quietly pulling AI inference back inside the building. Here is the honest reason why, and what a sovereign operating system actually changes.
By Micky Irons
For thirty years the rule in enterprise computing was simple. You moved the data to where the compute lived. You shipped scans to a cloud region, ran the model, and pulled an answer back. In 2026 that rule is quietly inverting inside regulated healthcare. The compute is moving to where the data already sits. The AI is coming to the ward.
I want to make the honest case for why this is happening, because a lot of the noise around it is wrong. This is not a story about hospitals being banned from the cloud. It is a story about a preference, applied at the level of specific workloads, over the most sensitive data any institution holds. And it is a story about what you actually need to run AI inside your own walls without the insight ever leaving them.
The signal is real, and it is not hype
Look at what the largest regulated operators are actually doing. Microsoft has highlighted that GSK uses Azure Local to process real-time data and run AI inference across its manufacturing and research facilities worldwide. That is a pharmaceutical company choosing to keep inference local, on infrastructure it controls, rather than routing everything to a distant region.
The macro numbers point the same direction. Gartner projects that inference will account for roughly two-thirds of all AI compute in 2026, up from about half in 2025 and a third in 2023. Inference is now the dominant workload, and inference is exactly the part that can run close to the data. A trained model is a fixed artefact. Once you have it, scoring a chest X-ray or a stream of vitals does not require a hyperscale datacentre. It requires a box on-site with the right accelerator.
So the trend is real. The question is why healthcare in particular is leaning into it, and here I have to be careful, because the usual explanation is the wrong one.
The honest version: it is preference, not a legal bar
You will read that GDPR and HIPAA force hospitals off the cloud. That is not true, and clinical-AI leads should not repeat it.
HIPAA explicitly permits covered entities and business associates to use cloud services to store and process electronic protected health information. The HHS guidance is direct about this. You sign a Business Associate Agreement with the cloud provider, implement the Security Rule safeguards, and you are compliant. HHS even permits storing that data on servers outside the United States, provided the agreement and safeguards are in place and you assess the country-specific risk.
GDPR is the same shape. Health data is special category data under Article 9, and processing it for diagnosis and care is expressly allowed under Article 9(2)(h), subject to professional secrecy. Cross-border transfers are permitted with Standard Contractual Clauses, a transfer impact assessment, and supplementary measures like encryption and strict access control. There is no blanket cloud prohibition anywhere in the regime.
So let me say plainly what the genuine no-cloud bar covers, because it is narrow. It applies to isolated operational technology, to classified environments, to workloads a data protection impact assessment has come back negative on, to material a specific contract or national security rule pins in place. For the overwhelming majority of hospital AI, the cloud is legal with controls.
What is driving the shift is not a bar. It is sovereignty preference, exercised workload by workload. A radiology department can decide that continuous imaging inference is the one thing it never wants to leave the building, even while its email, its rota system and its back office sit happily in the cloud. That is a legitimate, defensible engineering and governance choice. It is not the law forcing anyone's hand, and pretending otherwise weakens the real argument.
Why the ward is the right place for that specific workload
Once you accept it is a preference, the case for keeping inference on-site gets stronger, not weaker, because now it rests on merit.
Imaging and patient monitoring are high-volume, latency-sensitive, and continuous. A monitoring model watching for deterioration wants to act in the room, not after a round trip to a region. The data is also the most re-identifiable an organisation holds. A DICOM study is not an anonymous row in a table. It is a person. Reducing the number of places that data travels genuinely reduces your attack surface and your breach exposure, and it makes your data protection impact assessments simpler to defend.
There is a procurement reality too. Every third-party processor you add is another agreement, another audit, another link in a chain you have to attest to a regulator. Keeping the inference inside your perimeter collapses that chain for the workload that matters most. You are not outsourcing the sensitive part at all.
What a sovereign operating system actually adds
Running one model on one server on-site is not hard. Running AI as an institution, across imaging, monitoring, triage and back-office, under audit, with clinicians trusting the output, is the hard part. That is the gap Mickai is built to close.
Mickai is a sovereign intelligence operating system, a SIOS. A regulated organisation owns it and runs it inside its own walls, air-gapped where the workload demands it, with a cryptographically-signed audit record written on every action the system takes. It is built and live, not a slide. The point is not that inference runs locally. Plenty of tools can do that. The point is that the whole intelligence layer, the models, the routing, the retrieval, the memory, the record of who asked what and what the system answered, stays inside the hospital and stays provable.
That last part is what a signed audit record buys you. When a clinical safety officer or a regulator asks what the model saw, what it said, and who acted on it, you have a tamper-evident answer rather than a log you hope is intact. For clinical AI, provenance is not a nice-to-have. It is the difference between a decision you can stand behind and one you cannot.
We hold 104 filed UK patent applications across 13 families, roughly 2,340 claims, with Mickarle Wagstaff-Irons as named inventor, covering the sovereignty, audit and orchestration machinery underneath this. Those are filed and moving toward examination. I say that plainly so the claim is honest. Filed, not granted.
The takeaway
The inversion is genuine. Inference is moving to the data, and in healthcare it is moving onto the ward. But the reason to do it is not that anyone made you. It is that for imaging and monitoring, the most sensitive and highest-volume AI a hospital runs, keeping the insight inside the building is the better engineering, the cleaner governance and the smaller risk. Choose it as a preference, at the workload level, and own the layer that makes it provable. That is the whole move.
Frequently asked questions
Does GDPR or HIPAA ban hospitals from using the cloud for AI?
No. HIPAA permits cloud processing of protected health information with a Business Associate Agreement and Security Rule safeguards, and HHS even allows storage outside the US with appropriate risk assessment. GDPR permits health data processing for care under Article 9(2)(h) and allows cross-border transfers with Standard Contractual Clauses and supplementary measures. The genuine no-cloud bar is narrow and workload-specific. The broader shift is a sovereignty preference, not a legal prohibition.
If the cloud is allowed, why keep imaging inference on-site at all?
Because for that specific workload it is the stronger choice. Imaging and monitoring are latency-sensitive, continuous and highly re-identifiable. Keeping inference in the building cuts the number of processors in your compliance chain, shrinks your breach exposure, and simplifies your data protection impact assessments. It is a merit-based decision applied to one workload, not a blanket rule for everything you run.
What does Mickai do that a local GPU server does not?
A local server runs a model. Mickai runs the whole intelligence layer as an owned, air-gapped operating system, with a cryptographically-signed audit record on every action so provenance is provable to a regulator or clinical safety officer. It is designed for AI at the level of an institution, across multiple clinical and back-office workloads, not a single point solution.
Are Mickai's patents granted?
No. We hold 104 filed UK patent applications across 13 families, around 2,340 claims, named inventor Mickarle Wagstaff-Irons. They are filed and progressing toward examination and grant. We are precise about that distinction.
---
If this is the direction your estate is heading, it connects to two other things we have written about: how sovereignty works when the data cannot move, in Data Sovereignty And The Air-Gapped Hospital, and where inference belongs across an estate, in Edge AI And The Case For On-Site Intelligence. Both go deeper on the architecture behind this piece.


