Your data does not leave your clinic. Ever.
While the industry pushes healthcare to the cloud, Dental Brain does the opposite: all AI inference, the clinical data and the LLM stay on the clinic's own physical server. For a simple reason: it's the only architecture compatible with where European regulation is heading.
One architecture, one principle
In healthcare, patient data belongs to the clinic and the patient, not to the software provider. That obvious sentence breaks the moment you plug in a cloud PMS and an external AI agent: every radiograph, every clinical note, every no-show prediction travels to third-party infrastructure you don't control.
Dental Brain is designed the other way around. The GPU server lives in your server room. The LLM runs on it. The agents run on it. Your data only travels within your own network. Public cloud is not part of the nominal operation loop.
Native regulatory compliance
Complying with GDPR, the AI Act and national health regulation is not an add-on module. It's a consequence of the architecture.
Personal data never leaves the data controller. There's no cloud processor to sign a DPA with, no international transfers, no adequacy analysis to justify.
Most EU jurisdictions reinforce GDPR with specific obligations for health data. Encryption at rest, access logging and full traceability are implemented on the clinic's server.
AI systems in healthcare are high-risk. The AI Act requires technical documentation, records, data governance and conformity assessment. Having the model and the data on-premise simplifies traceability by design.
Most EU countries require keeping clinical records for at least 5 years (some longer). Local custody guarantees availability without depending on a cloud provider's operational continuity.
On-premise vs cloud · practical view
An architecture decision, not an opinion.
| · | On-premise (Dental Brain) | Cloud (others) |
|---|---|---|
| Where the data lives | Clinic's server | Provider's datacenter |
| Data processor | N/A — you are the controller | Contract + audit required |
| International transfer | None | SCC if servers outside EU |
| Continuity if provider disappears | Data remains available | Depends on exit plan |
| AI query latency | Tens of ms | Hundreds of ms / seconds |
| Cost per AI query | Zero marginal cost (hardware amortized) | Per token / per call |
| Attack surface | Local network | Local + cloud + APIs |
Audit and traceability
Complying is one thing. Proving you comply, another.
Immutable local logs
Every action, every inference, every access is recorded in encrypted logs that cannot be modified without leaving a trace. This meets the traceability requirements of national data protection authorities.
Right to be forgotten
When a patient exercises their right, deletion is complete: records, derived embeddings and cache. The system documents the removal as evidence for a possible inspection.
Portability
Data export in standard formats (HL7 FHIR, DICOM, CSV) at any time. No data lock-in: if you decide to switch providers, your data goes with you.
Impact assessment
Dental Brain-specific DPIA templates are available, ready to be presented to the national data protection authority if required.