As a Melbourne-based MSP that’s spent years keeping medical clinics running smoothly, I’ve watched the shift to cloud happen across the sector. For a long time, the pitch made perfect sense: ditch the on-site server, gain higher availability, better disaster recovery, and pay only for what you use. It sounded ideal for busy practices juggling patient records, imaging, telehealth, and compliance.
But something has changed dramatically, and it’s called AI.
We’re no longer just storing notes or running basic practice software. AI is arriving in healthcare fast: tools that analyse X-rays for anomalies, assist with drafting consultation notes, flag potential risks in patient data, or even support diagnostics in real time. These aren’t lightweight apps. They demand serious compute power (GPUs, high memory, fast processing) far beyond what clinics needed five or ten years ago.
The race to build massive AI infrastructure is on. Hyperscalers like AWS, Azure, and Google are pouring hundreds of billions into new data centres, cooling systems, and next-gen hardware to keep up. Amazon’s capex alone is heading toward record levels this year, much of it earmarked for AI workloads. Microsoft and others are
following suit. The result? Hardware component costs, especially GPUs and specialised memory, have surged sharply over the past 18 months. Supply constraints mean on-premise servers and high-end equipment are more expensive and harder to source right now.
Manufacturers will adjust eventually; production ramps up, prices stabilise. But in the short to medium term, that inflation hits everyone.
Cloud providers aren’t immune; in fact, they feel it more directly. They pass those rising costs on through higher pricing for compute, storage, and especially GPU instances needed for AI. Quotes from industry leaders underline the scale: AWS CEO Andy Jassy recently noted that AI could drive AWS revenue to enormous levels in the coming decade, but that kind of growth doesn’t come cheap. Reports from analysts like IDC warn that organisations adopting AI routinely underestimate long-term cloud costs by 20-30% or more through to 2027.
For a small to mid-sized medical practice, this trend matters. Your monthly cloud bill, once marketed as predictable and lower than maintaining servers, starts creeping up. You pay for the redundancy, the global availability, the “five-nines” uptime that hyperscalers promise. But does a GP clinic really need that last 0.01% of availability? Most of the time, 99.9% is more than enough when you have the right backup, monitoring, and failover in place.
Here’s a GP reviewing AI-assisted scans in their clinic: powerful technology that’s transforming diagnostics and saving valuable consultation time. But running this kind of tool doesn’t automatically require a hyperscale cloud.
Security is another angle worth reconsidering, and in my view, one that’s often undersold when talking about cloud for healthcare.
Cloud providers invest heavily in protection, and that’s a real strength. Yet the flip side of their multi-tenant, shared infrastructure is a much larger risk profile. In a shared environment, a vulnerability, misconfiguration, or breach in the underlying
layer can cascade across hundreds or thousands of tenants. It’s the classic “single point of failure” amplified at scale.
Recent examples make this painfully clear. In 2025, a critical flaw in Microsoft Entra ID (CVE-2025-55241) allowed cross-tenant impersonation: an attacker could obtain a token in their own environment and impersonate a Global Admin in any other tenant worldwide. This broke the isolation that multi-tenant clouds promise, potentially exposing data and controls across unrelated organisations.
If even Microsoft (with virtually unlimited resources and the best security teams in the world) can suffer a flaw like this, then the likelihood of similar (or worse) isolation failures is much, much higher with smaller shared cloud platforms. This includes popular medical software providers like Best Practice and Medical Director, or many IT providers who run multiple practices on the same shared multi- tenant environment.
Much like shared web hosting: if one site on the server gets hacked and starts sending spam or hosting malware, the entire shared IP address can get blacklisted. Suddenly, every legitimate site on that server, even clean ones, suffers. The innocent neighbours pay the price for someone else’s compromise.
Scale that up to cloud environments handling petabytes of sensitive patient data from hundreds of clinics, and the blast radius becomes enormous.
The good news is that the industry is already adapting.
In the medium term, the practical fix to the exploding costs and shared risks of pure Cloud AI is offloading heavy AI workloads (especially inference and day-to-day model use) onto customer-owned or dedicated servers. This returns real control and far stronger isolation back to you, the practice that actually owns the patient data, while delivering predictable costs and lower latency.
In contrast, a well-managed on-premise or privately hosted server (colocated if you prefer no in-clinic hardware) gives you a much smaller attack surface. You’re not
sharing infrastructure with unknown parties. With modern tools (encrypted drives, multi-factor authentication, endpoint detection, immutable backups, segmented networks, and regular patching) your data can actually be more secure in a controlled, dedicated environment.
A clean, modern clinic setup doesn’t need sprawling server farms. Many practices thrive with compact, reliable on-premise infrastructure that’s fully managed and compliant.
Contrast that with the hyperscale world feeding the AI surge:
These enormous facilities power the models and services we’re all starting to use, but they come with shared risks and escalating costs that get passed downstream.
For most Australian medical clinics, especially GPs and allied health, the math is shifting fast in 2026. Cloud still works great for bursty stuff like telehealth spikes, offsite backups, or simple collaboration. But for your core systems, imaging, patient data, and the AI tools starting to land in daily workflows? Being part of a massive shared cloud pool is increasingly bad news.
Cloud services are going up in price, hard. The AI boom has hyperscalers like AWS, Azure, and Google pouring billions into GPUs and data centers, and those costs get passed straight to you. AWS quietly hiked GPU instance pricing by ~15% in early 2026 (breaking their 20-year “prices only go down” promise), Microsoft is seeing cascading increases to fund AI infrastructure, and analysts warn organizations routinely underestimate AI cloud bills by 20-30% or more. Your “predictable” monthly tab? It’s creeping higher, often without warning, because you’re subsidising the global AI race.
Worse, in these huge multi-tenant setups, you’re one of thousands (or millions) sharing the same infrastructure. A single vulnerability or outage can cascade everywhere, like that 2025 Microsoft Entra flaw allowing cross-tenant impersonation. If Microsoft can have isolation breaks, smaller shared platforms
(including some medical software clouds or MSP multi-tenant setups) are far more vulnerable. One bad tenant’s issue becomes your downtime, exposure, or compliance headache.
And control? Do you really have it? Over security (beyond what the provider promises), availability (beyond the marketed “five-nines” you rarely need), and, critically, price. Can you exit your current provider without massive egress fees, data migration pain, re-training staff, or rewriting integrations? For many clinics locked into proprietary cloud setups, the answer is “not easily, and not cheaply.”
The smarter path emerging in the medium term: offload heavy AI workloads (inference, daily model use) to your own dedicated servers or privately hosted gear. This brings predictable fixed costs, stronger isolation (no shared blast radius), lower latency for real-time tools, and true ownership of your patient data. Hybrid wins: keep elastic bits in cloud, but reclaim control where it matters most.
We are experts in health IT. If you’re looking for a specialised provider that delivers on real security, proactive management, and truly knows your systems (Best Practice, Medical Director, imaging, telehealth, and the rest), give us a call to find out more. We also offer a free health check for your current IT setup: no obligation, just clear insights into where you stand on cost, security, performance, and compliance.
We’re here to keep things running so you can focus on patients.
