Why On-Premise AI Scribes Are the Only Safe Choice for NHS Trusts
Category: Clinical AI | NHS Technology | Data Governance
Patient data never leaves your walls. For NHS Trusts navigating the AI revolution, that sentence should be non-negotiable, yet most ambient AI scribe vendors can’t say it.
The NHS Is Under Pressure to Adopt AI. It Is Also Under Pressure to Protect Data.
The NHS Long Term Workforce Plan, NHSE’s AI strategy, and successive ICB procurement cycles have made one thing clear: artificial intelligence in clinical settings is no longer optional. Ambient AI scribes, tools that listen to clinical consultations and auto-generate structured notes are among the most immediately deployable and highest-ROI AI solutions available to frontline healthcare.
But alongside the momentum sits a quiet, persistent anxiety among NHS CIOs, Caldicott Guardians, and Information Governance leads: where does the data go?
This is not a bureaucratic concern. It is a patient safety concern, a legal concern, and following a series of high-profile data incidents involving third-party healthcare technology vendors – an increasingly urgent operational one.
What “Cloud-Based” Actually Means for Your Patient Data
Most ambient AI scribe products on the market today are cloud-hosted. When a clinician uses them, the audio of a patient consultation is transmitted to a remote server typically operated by a US-headquartered vendor where it is processed by a large language model, transcribed, structured into a clinical note, and returned to the clinician.
This architecture creates several categories of risk that NHS organisations must understand before procurement:
1. Data Leaves the Clinical Environment
Once audio or transcribed text exits the trust’s network boundary, it is subject to the vendor’s data handling practices, their subprocessors, their security posture, and critically — the legal jurisdiction in which their servers operate.
2. US Cloud Vendors Are Subject to US Law
Even vendors with EU or UK data centres remain subject to US federal law, including the CLOUD Act (Clarifying Lawful Overseas Use of Data Act, 2018). This means US government agencies can compel US companies to produce data stored abroad. For NHS patient data, this is not theoretical – it is a live compliance gap.
3. DSPT Compliance Becomes Harder to Demonstrate
The NHS Data Security and Protection Toolkit (DSPT) requires organisations to maintain clear accountability for all personal data flows. When patient data is processed by a third-party cloud AI vendor, establishing and evidencing that accountability chain to the standard required for DSPT submission becomes significantly more complex.
4. UK GDPR Data Transfer Obligations Apply
Post-Brexit, transfers of personal data from the UK to third countries require either an adequacy decision, Standard Contractual Clauses, or Binding Corporate Rules. For NHS clinical data specifically, the bar for demonstrating compliance is high and vendor DPAs (Data Processing Agreements) from US SaaS companies often do not meet it without significant legal review.

What On-Premise Means and Why It Changes Everything
An on-premise AI scribe operates entirely within the trust’s own infrastructure. The AI model runs on hardware located inside the clinical environment whether that is an on-site server, a trust-managed private cloud, or a secure local network node.
Patient data never leaves the trust’s boundary. Ever.
There is no audio transmission. There is no third-party processing. There is no dependency on a vendor’s uptime, their security team’s decisions, or their compliance with laws that may not align with NHS obligations.
For NHS organisations, this architecture delivers:
- DSPT alignment by design — data flows are contained and auditable within your existing governance framework
- UK GDPR compliance without complexity — no international transfer analysis required; data stays in the UK, within your control
- Caldicott Guardian confidence — patient confidentiality is structurally protected, not contractually promised
- Cyber Essentials Plus compatibility — on-premise deployment reduces the external attack surface materially
- Zero vendor dependency on uptime — clinical documentation continues even if the vendor’s cloud has an outage

The NHS Procurement Lens: What To Ask Every AI Scribe Vendor
When evaluating ambient AI scribe tools for NHS deployment, procurement leads and IG teams should require clear written answers to the following:
| Question | What a Safe Answer Looks Like |
| Where is patient audio processed? | On-site hardware within the trust boundary |
| Who are your subprocessors for AI inference? | None — all inference runs locally |
| Are you subject to the US CLOUD Act? | Not applicable — no US entity in the data chain |
| How do you evidence DSPT compliance? | Data never leaves the NHS environment |
| What happens to data if we terminate the contract? | Nothing — data was never held by the vendor |
| Do you hold any patient data? | No — we provide the model; you own all data |
If a vendor cannot answer these questions cleanly and in writing, that is material procurement risk.
KH Scribe: Built for NHS Data Sovereignty From Day One
KH Scribe by KastHunt is an on-premise ambient clinical AI scribe designed specifically for the NHS data governance environment. The architecture was built from the ground up with a single principle: patient data is yours, and it stays yours.
Key compliance features:
- Fully on-premise deployment — runs on trust-provided infrastructure, no cloud dependency
- DSPT-aligned architecture — data flow design reviewed against DSPT standards
- UK GDPR by design — no international data transfers, no third-party AI processors
- MHRA Class 1 pathway — regulatory classification appropriate to a clinical documentation tool
- ISO 27001 certification in progress (BSI/UKAS) — information security management to NHS supplier expectations
KH Scribe is not a US SaaS product retrofitted for the NHS. It was designed for it.

Frequently Asked Questions
What is an on-premise AI scribe? An on-premise AI scribe is a clinical documentation tool that uses artificial intelligence to listen to patient consultations and generate structured clinical notes — but processes all data locally, within the healthcare organisation’s own infrastructure, rather than sending it to external cloud servers.
Is cloud-based AI safe for NHS patient data? Cloud-based AI tools introduce data governance complexity for NHS organisations. Patient audio and clinical text processed by cloud AI vendors may be subject to third-party data handling practices, US legal jurisdiction (including the CLOUD Act), and international data transfer obligations under UK GDPR. On-premise alternatives eliminate these risks by keeping data within the trust boundary.
What does DSPT compliance mean for AI scribes? The NHS Data Security and Protection Toolkit (DSPT) requires organisations to evidence how personal data is handled, stored, and protected. For AI scribe tools, this means being able to demonstrate exactly where patient data goes during processing. On-premise solutions make this significantly easier to evidence than cloud-based alternatives.
Do AI scribes require MHRA registration? Ambient AI scribes that generate clinical documentation may be considered software as a medical device (SaMD) under MHRA guidance, depending on their intended purpose and clinical claims. Tools positioned as clinical decision support require careful regulatory classification. KH Scribe is pursuing appropriate MHRA Class 1 registration.
Can NHS Trusts use AI scribes under existing procurement frameworks? Yes. NHS Shared Business Services (NHS SBS) and other framework agreements increasingly include healthcare AI categories. Procurement through established frameworks can significantly reduce the time and risk of AI tool adoption for trusts and ICBs.
How do I evaluate an AI scribe vendor for NHS use? Key questions include: where is data processed, who are the vendor’s subprocessors, are they subject to US law, how do they evidence DSPT compliance, and what happens to data on contract termination. Require written answers to all of these before procurement.
The Bottom Line
The NHS has a right to adopt AI. Clinicians have a right to tools that reduce their documentation burden. Patients have a right to have their data protected.
On-premise AI scribes are not a compromise between capability and compliance. They are the architecture that makes genuine compliance possible and in the NHS context, that makes them the only responsible choice.