Cloud vs. on-premises solutions – 5 factors to consider when planning the connectivity strategy for your healthcare instrument

Building digital connectivity into your healthcare device or laboratory instrument makes it easy to collect data and automate activities, but is a cloud or on-premises solution the best fit for you?

Since cloud computing first took off in the mid-2000s, businesses around the world have been debating the benefits of cloud versus on-premises software solutions. Healthcare has been one of the more hesitant industries to adopt the cloud, largely due to concerns about security and compliance. But in the last few years, the promise of being able to integrate and analyze data from multiple locations has seen increasing willingness to adopt cloud-based solutions. But how do you know what option is right for your connected instrument?

In this article, we’ll look at some of the questions you should consider when deciding if you need an on-premises or cloud solution for your product or portfolio of products.

But first, let’s start with a quick refresher on exactly what each of these terms mean and some of the advantages and disadvantages.

On-premises solutions

On-premises solutions are just as they sound. Any data you produce through your instruments is stored on your in-house servers, it never leaves the premises. Associated software is also stored on your in-house servers. This means that your organization needs to invest in IT infrastructure such as servers, a secure place to house them, and an IT person (or team) to maintain them. You also need to ensure you have a contingency plan in place if something happens to one of your servers.

This is often considered to be the most secure means of storing data. Your organization can retain total control over data, making it easier to ensure you comply with privacy standards such as HIPAA (Health Insurance Portability and Accountability Act). Potential hackers would generally need to be onsite to access your server. However, you need to be confident in your internal IT team’s ability to keep security up to date.

Limiting access to onsite also makes it difficult if you want to grant employees remote access. You need to have a VPN (Virtual Private Network) set up, which usually involves an additional gateway server and specialist software. As anyone currently working from home can attest, setting up and accessing a server via a VPN connection is much more clunky than logging into cloud-based software.

Cloud solutions

Cloud computing is when your data and software is hosted by a third-party provider (such as Microsoft’s Azure cloud platform) and accessed via an internet connection. Cloud computing has driven the Internet of Things, with everything from lightbulbs to cars being able to connect wirelessly to the internet.

One of the main benefits of the cloud is convenience. Convenience for users who want to be able to access data or control an instrument remotely (particularly important when so many people are working from home during a pandemic). Convenience of being able to aggregate data from multiple locations in one place. Convenience of being able to easily scale up or scale down your cloud hosting services.

What puts a lot of people off the cloud is potential issues with security and compliance. It seems like every other week there is some sort of data breach in the cloud. But don’t let this put you off cloud solutions. You can absolutely make a secure cloud solution for a regulated medical environment, it just takes more diligence and planning. You need to be prepared to put in the development work to ensure your cloud-based provider and the design of your cloud application meet all the regulatory and security requirements needed to manage highly sensitive healthcare data.

Hybrid solutions

A third option is a combination of on-premises and cloud solutions. Under this set up, your data is primarily processed and housed on the premises, but certain selected information is transmitted to the cloud. This may be near real time or it might be configured to be an upload at the end of the day, depending on the security preferences and configuration. It allows you to make some information easily accessible from remote locations, while keeping other information securely within your organization’s control. For example, if your maintenance technicians are located offsite, you could send the instrument’s technical logs to the cloud each day. This would allow you to benefit from remote support and troubleshooting, while keeping patient data and results on the premises. As more data is processed in healthcare environments, a hybrid solution may also offer greater value to the users, but also requires careful planning with regard to security policies and privacy regulations.

How do I know which connectivity set up is right for my product or portfolio of products?

There are a number of factors you should consider when deciding what system is right for you.

  1. Consider the future vision of your product and key industry trends

At PI, we use the ‘Spectrum of Digital Solutions’ to paint a picture of how digital capability and digital ecosystems evolve. Where on the spectrum do you currently sit, and where do you ultimately want your product or portfolio of products to be? Consider this in the context of key industry trends, such as how your instrument will be impacted by miniaturization and decentralization. For example, if you are working in an industry that is increasingly moving towards point-of-care or at-home testing, a cloud-based system is likely to be more appropriate for your needs going forward. Considering these trends will help you create a clear vision and roadmap for your products – and what digital connectivity you need to get there.


  1. Next, develop a deep understanding of your users, their goals and the roles they play in the workflow

Who are the people that will be using your instrument? Are they lab technicians? Researchers? Clinicians? It’s quite likely that multiple users will perform different activities on your instrument throughout the course of the workflow. You need to understand the goals these individuals are trying to achieve and the location where that is best performed. For example, while a lab tech may need to load samples directly into an instrument, a researcher or clinician may be able to review progress and results from a different location – either on the premises or externally. Understanding the goal of the activity and the ‘place’ it is best performed from can clarify the importance of on-premises vs. cloud.

  1. What improvements can you introduce by further digitizing activities in the workflow?

How can you use digital to improve the workflow and add value? Can you achieve better outcomes for your workflow if you enable remote access, insights or control? If so, how important is it to be able to manage or access the instrument from different locations? If, for example, your instrument will be used in experiments that run for days, it may be useful for users to be able to log in remotely from home to check on progress. If it’s a shorter process, on-premises access may be better.

  1. How often and from what locations will the information need to be accessed in future?

For this, we’re talking about both the output of the core workflow (e.g. results) and information about how the instrument is performing the process. For example, users may need to monitor the instrument’s progress, the device manufacturer may need to monitor its performance for maintenance reasons, and clinicians may need to access patients’ results. It’s likely all these tasks will take place in different locations. However, it’s also possible that not all of these tasks need to be completed in real time, meaning that some sort of hybrid solution may be suitable.

  1. What is the nature of the security and privacy environment where the devices will be deployed?

You need to understand the nature of the information being shared in the workflow – is there a risk of a patient being identified, or is it completely anonymized? Carrying patient identifiable information means you need to be extra sure that you are meeting all the privacy and security regulations.

You also need to understand the security environment of your customers’ organizations. What information does the organization allow to leave the premises and what are the conditions associated with that? Some industries, such as pharmaceutical production, are very closed and secure, meaning they will almost certainly prefer an on-premises solution. Other organizations may be more open to cloud-based solutions and may already have cloud arrangements in place.

Finally, you need to assess the degree of integration between your solution and the organization’s other systems. The more integrated it is, the higher the risk and thus the more diligence and planning required for cloud solutions, meaning on-premises might be more appropriate.


When it comes to choosing between an on-premises or cloud-based solution, there is no definitive best option, but there is a best option for you. Considering factors such as your product’s future vision, your users and their role in the workflow, opportunities for digitization, whether information needs to be shared with remote locations, and the nature of the security and privacy environment, will help you determine whether you need a cloud or on-premises solution for your product or product portfolio. Whatever you choose, you need to be confident in your developer’s ability to design and deploy a secure system that meets your industries security and privacy requirements.

Leave a Reply

Your email address will not be published. Required fields are marked *