
Telehealth platform on-premise vs cloud: what Ministries of Health need to know

MedConnect Team
8 min read

When a Ministry of Health evaluates a telehealth platform, one of the first technical questions is: cloud or on-premise? Most telehealth vendors only offer cloud. That limits options for governments that require health data to stay within national borders, or that operate in environments where internet connectivity cannot be guaranteed.

MedConnect supports both models — and a hybrid option. This article explains the trade-offs, the requirements, and the practical implications of each approach for national health programs.

Why most telehealth platforms are cloud-only

Cloud deployment is simpler for the vendor. The software runs on the vendor's infrastructure (typically AWS, Azure, or Google Cloud). Updates are pushed centrally. Scaling is automatic. The vendor manages servers, security patches, and backups.

For most healthcare providers — clinics, hospitals, private practices — cloud works well. The provider pays a subscription, logs in via a browser, and the platform works. No IT staff needed on-site.

But for government-scale deployments, cloud-only creates three specific problems:

  • Data sovereignty: health data leaves the country. Even if the cloud provider has local data centers, the vendor's management plane, encryption keys, and support access may be in another jurisdiction.
  • Connectivity dependency: if the internet goes down, the platform stops. In rural areas, conflict zones, or during natural disasters, this is not theoretical — it is a daily reality.
  • Regulatory compliance: some national health data protection laws explicitly require on-soil storage. A cloud deployment in a foreign data center may not comply, regardless of the vendor's certifications.

Data sovereignty: what it means practically

Data sovereignty means that health data is stored and processed exclusively within the country's borders, under the country's legal jurisdiction. For an on-premise telehealth platform, this means:

  • Servers are physically located in the country
  • No data replication to foreign data centers
  • Encryption keys are managed locally
  • Access control is administered by the national IT team
  • Vendor support can be provided remotely but cannot extract data

For the Saudi Arabia Hajj Ministry project, MedConnect was deployed fully on-premise with zero cloud dependency. All patient data, consultation records, AI processing, and video streams remain within the deployment's local infrastructure. The same approach is being proposed for the Oman national ambulance diagnosis system.

On-premise deployment: what it requires

An on-premise telemedicine deployment requires local infrastructure:

  • Server hardware: physical or virtual servers with sufficient compute, storage, and memory. MedConnect runs on standard Linux servers with Docker containerization.
  • Network: local area network connecting consultation stations to the server. Internet is optional — the system works on an isolated LAN for synchronous consultations within the facility.
  • IT administration: a local team or contractor for server maintenance, backups, and updates. MedConnect provides over-the-air update capability, but the local team controls when updates are applied.
  • Power: UPS and generator backup for server uptime.

The MedConnect Hub — a compact device bridge under 15cm × 15cm × 5cm — simplifies the edge infrastructure. It connects all medical devices via USB and Bluetooth, runs the platform locally, and requires no Windows PC or complex IT setup.

Cloud deployment: advantages for smaller programs

For programs that do not require data sovereignty, cloud deployment offers real advantages:

  • Zero infrastructure: no servers to buy, install, or maintain
  • Automatic updates: new features and security patches applied centrally
  • Scalability: adding new sites requires only hardware and user accounts, no server provisioning
  • Disaster recovery: geo-replicated backups every 6 hours (for MedConnect's AWS deployment)

MedConnect's cloud deployment runs on AWS eu-west-3 (Paris), certified HDS (French health data hosting standard). Encryption uses AES-256 at rest and TLS 1.3 in transit. The platform is certified ISO 27001:2022 (certified June 12, 2024, British Assessment Bureau).

For international deployments where data sovereignty is not mandated, this is often the fastest and most cost-effective option.

Hybrid model: the practical middle ground

Many real-world deployments use a hybrid approach:

  • On-premise core: the platform, patient records, and clinical data run locally
  • Cloud backup: anonymized or encrypted backups replicate to a cloud server for disaster recovery
  • Cloud services: specific services (like AI transcription or tele-expertise routing) may use cloud APIs, with data anonymized before transmission

This model gives the Ministry operational control over sensitive data while leveraging cloud infrastructure for non-sensitive services. The AI medical scribe, for example, can be configured to process transcription data locally — no audio or text leaves the deployment country.

Compliance standards that apply

Regardless of deployment model, a telehealth platform for government use should meet or exceed these standards:

  • ISO 27001:2022: information security management system. Certifies the vendor's security processes.
  • HDS (France-specific): health data hosting certification. Required for any platform handling French patient data.
  • HIPAA (US and international): health data privacy and security. MedConnect provides a Business Associate Agreement (BAA) for HIPAA-covered deployments.
  • GDPR (EU): data protection regulation. Applies to any deployment processing EU resident data.
  • CE marking: all integrated medical devices must be CE-certified for clinical use.

MedConnect holds all of the above certifications. For national deployments, additional country-specific certifications may be required — MedConnect's architecture is designed to accommodate these through local configuration and hosting.

FAQ

Can a telehealth platform work without any internet connection?

Yes. MedConnect's on-premise deployment operates on a local area network with no internet dependency. Consultations, device data, and patient records all function locally. Internet is only needed if you want to connect remote doctors from outside the facility or sync with cloud services.

What is the cost difference between cloud and on-premise?

Cloud deployment has lower upfront cost (no server hardware) but ongoing subscription fees. On-premise requires server investment upfront but can have lower long-term costs for large deployments. MedConnect prices both models on a per-deployment basis.

How are software updates handled on-premise?

MedConnect provides over-the-air update packages that the local IT team reviews and applies at their discretion. Updates are not forced — the Ministry controls the update schedule.

Can we start with cloud and migrate to on-premise later?

Yes. The platform architecture is the same in both models. Data can be exported from the cloud instance and imported into an on-premise deployment. MedConnect provides migration support as a professional service.
