Patient data is among the most sensitive any organisation holds, and the rules around it are correspondingly strict. An NHS organisation considering AI has to ask a question the marketing rarely answers: where does the patient data go, and what does sending it there do to our compliance position? For the Data Security and Protection Toolkit, and for the duties behind it, on-premise deployment is the dependable answer.
What the DSPT actually is
The NHS Data Security and Protection Toolkit, or DSPT, is an annual online self-assessment that organisations complete to evidence that they meet the National Data Guardian’s ten data security standards. Health and care organisations that access NHS patient data and systems are expected to complete it each year. It is the mechanism by which an organisation demonstrates, on the record, that its handling of data meets the expected standard.
Because the DSPT is evidence-based, every system that touches patient data forms part of the picture you are assessing. Introduce an AI tool that sends patient data to an external cloud, and you have added a processor, a data flow, and a set of controls you do not own to the scope of your assessment. You now have to evidence the security of something outside your walls. Keep the processing on your own infrastructure, and the data flow stays within the boundary you already assess and defend.
The Caldicott Principles and the Caldicott Guardian
Alongside the DSPT sit the Caldicott Principles, which govern the lawful, appropriate handling of confidential patient information. They ask, among other things, that confidential information be used only when necessary, that the minimum necessary be used, that access be on a strict need-to-know basis, and that everyone handling such information understands their responsibilities. Most NHS organisations have a named Caldicott Guardian, a senior person responsible for protecting the confidentiality of patient information and enabling appropriate information-sharing.
A Caldicott Guardian assessing an AI tool will ask the natural questions. Where does the patient information go? Who can reach it once it is there? Is sending it outside the organisation necessary, or is there a way to get the benefit without the transfer? On-premise AI gives a clean answer to the last question. The benefit is available without the patient information leaving the organisation at all, which is the outcome the principles steer towards.
Why on-premise is the dependable choice
When AI runs on the organisation’s own hardware, patient data is read and processed inside the network and never crosses the boundary. Three things follow.
The data flow stays in scope you control. There is no external processor to assess, no outbound data flow to document and defend, and no third-party controls to take on trust in your DSPT submission. You are evidencing systems you own.
Confidentiality is preserved by design. Patient information is not disclosed to an outside party, because no outside party receives it. The Caldicott aim of minimal, need-to-know handling is supported by the architecture rather than by a promise in a contract.
The audit trail is yours. Access, retention, and logging sit under your own governance, where your information-governance team can inspect them directly rather than requesting them from a vendor.
This is why the title of this piece does not overstate the case. For an organisation that has to evidence its data security each year and answer to a Caldicott Guardian for every use of confidential patient information, a route that keeps the data in-house is the one that holds up under scrutiny. A cloud route can be made compliant with enough contractual and technical work, but it adds risk, scope, and dependency that the on-premise route simply avoids.
One clarification, because it matters
UK healthcare data is governed by UK law and NHS frameworks: UK-GDPR, the Data Security and Protection Toolkit, the Caldicott Principles, and the common-law duty of confidence. It is not governed by HIPAA, which is a United States regime and does not apply here. Any AI supplier that reaches for HIPAA when discussing NHS data is describing the wrong country’s rules, and that is worth noticing early.
The work it suits
The everyday tasks that benefit are exactly the ones an organisation would rather not send anywhere: transcription of clinical meetings and dictation, reading and classifying scanned records, redaction of documents for disclosure, and search across the organisation’s own materials. Each runs inside the boundary, on data that stays put.
On-premise AI does not remove your obligations under UK-GDPR or your duties to patients. You remain the controller, and the standards still apply. What it removes is the external processor and the outbound flow of patient data, and with them a category of risk that an annual self-assessment and a Caldicott Guardian are right to scrutinise.
If you would like this mapped to your own DSPT scope, we can prepare a short briefing for your Caldicott Guardian, DPO, or information-governance team.