Cloud-first and hybrid are the two broad frameworks that NHS digital leaders are weighing when planning data architecture transitions. Both are legitimate approaches. The choice between them is not a technical preference. It is a strategic decision that should be grounded in an honest assessment of the current estate, the clinical and operational requirements, the compliance obligations, and the sequencing of other major programmes already in flight.

This article sets out what each model actually involves in an NHS context, where each performs well, the governance and compliance constraints that shape the decision for any NHS Trust, and the practical framework for making a choice that is defensible and deliverable.

Defining the Models in an NHS Context

The language of cloud-first and hybrid is used loosely in the market, which creates confusion. For NHS Trusts, the definitions need to be precise.

Cloud-First

A cloud-first approach means that new workloads and capabilities are designed for cloud deployment by default, and that existing on-premises systems are migrated to cloud environments according to a structured roadmap. It does not mean that everything must be in the cloud immediately, or that on-premises systems are switched off overnight. It means that cloud is the design assumption for everything built going forward, and that the direction of travel for the existing estate is consistently towards cloud.

NHS England's own cloud strategy is cloud-first and internet-first. The Federated Data Platform is cloud-native. The EPR systems being procured by NHS Trusts in 2025 and 2026 are increasingly vendor-hosted on cloud infrastructure. The direction set by national programmes is unambiguously cloud-first.

Structured Hybrid

A structured hybrid approach means deliberately maintaining both on-premises and cloud environments, with defined policies governing which workloads sit where, how data moves between environments, and how governance is applied consistently across both. The emphasis on 'structured' is important. An unplanned hybrid environment, where on-premises and cloud systems coexist without a governing architecture, is not a strategy. It is the default state of most NHS Trusts today, and it carries the risks of both environments without the benefits of either.

A genuine hybrid architecture involves deliberate workload placement decisions, unified governance, consistent security controls across environments, and a defined integration layer managing data flows between on-premises and cloud components. It is considerably more complex to design and operate than a pure cloud approach, but for many NHS Trusts it is the realistic operating model for a transition period that may extend over several years.

The NHS-Specific Constraints That Shape the Decision

Cloud architecture decisions in non-NHS contexts often focus primarily on cost, scalability, and developer velocity. In NHS settings, three additional constraints shape every decision.

Data Residency and DSPT Compliance

NHS England guidance from November 2025 is explicit: all patient data stored at rest must remain within the United Kingdom, secured with a minimum of AES-256 encryption. This is a non-negotiable requirement under the Data Security and Protection Toolkit. It means that any cloud platform used for patient data must operate within UK-based data centres. The major hyperscalers, Microsoft Azure UK South and UK West, AWS UK regions, and Google Cloud UK, all provide certified environments that meet this requirement and hold the ISO 27001 and Cyber Essentials certifications required for DSPT compliance.

This constraint does not prevent cloud adoption. It shapes where cloud workloads can be hosted. A cloud-first strategy built on UK-region hyperscaler deployments is fully compatible with DSPT compliance. What it does rule out is the use of non-UK cloud environments for patient-identifiable data, and it requires that hybrid architectures apply the same data residency controls consistently to the cloud components as to the on-premises environment.

Clinical Latency Requirements

Some clinical workloads have latency requirements that currently favour on-premises or local network-hosted storage over public cloud. Active clinical imaging, where radiologists and clinical staff need to retrieve and manipulate high-resolution images in real time, is the clearest example. Where network connectivity between clinical systems and cloud storage cannot guarantee the required response times, on-premises storage for actively used data remains the appropriate choice.

This is one of the most practically significant constraints on the pace of full cloud migration for NHS Trusts. The solution being adopted by leading NHS organisations is intelligent data tiering: active clinical data remains on-premises or on local high-performance storage, while archived and infrequently accessed data is moved to cloud storage tiers. This is a hybrid model by design, justified by genuine clinical requirements rather than organisational inertia.

The experience of NHS Trusts that have implemented this approach is instructive. Moving long-term storage of high-resolution clinical images to cloud has eliminated the cycle of costly on-premises infrastructure refresh every five years, freed datacentre space, and reduced the ongoing cost of managing large volumes of infrequently accessed data without compromising access to active clinical data.

Legacy System Dependencies

Many NHS clinical and operational systems were not designed for cloud deployment and cannot be simply lifted and shifted. Systems built on older versions of SQL Server, applications that depend on on-premises network shares, and clinical tools that require direct integration with on-premises hardware cannot move to cloud without significant rearchitecting work. These dependencies do not prevent cloud migration, but they affect sequencing and create the conditions for a hybrid operating model during the transition period.

A cloud-first strategy for an NHS Trust with significant legacy system dependencies does not mean migrating those systems immediately. It means designing the target cloud architecture clearly, migrating what can be migrated on a risk-based sequencing plan, and managing on-premises legacy systems as first-class components of a hybrid estate until they are replaced or migrated.

Comparing the Two Models

The table below summarises the key differences between cloud-first and structured hybrid approaches across the dimensions that matter most for NHS Trusts.

Neither model is inherently superior. The right choice depends on the Trust's current estate, its programme sequencing, its clinical latency requirements, and the realistic pace of migration given workforce capacity and budget. What is important is that the choice is made deliberately, documented clearly, and governed consistently.

Workload Placement: The Core Decision in Hybrid Architecture

For NHS Trusts adopting or operating within a hybrid model, the most important design task is workload placement: deciding which data and applications belong on-premises, which belong in cloud, and which require a tiered approach based on usage patterns. The table below provides a practical starting framework.

Workload placement decisions should be reviewed as part of any current-state discovery exercise, and revisited as clinical systems, EPR configurations, and network capabilities evolve. What is appropriate today may not be appropriate in two years as connectivity improves and vendor cloud offerings mature.

The Most Common Mistake: Unplanned Hybrid

The single most damaging outcome in NHS cloud strategy is not choosing cloud-first when hybrid was appropriate, or choosing hybrid when cloud-first would have been more effective. It is failing to choose deliberately at all, and arriving at an unplanned hybrid environment through a series of disconnected decisions made by different teams over time.

Unplanned hybrid is the current state of most NHS Trusts. Cloud applications have been deployed alongside on-premises systems without a governing architecture defining how they integrate or how data governance is applied consistently across both. The result is a more complex estate than either a pure cloud or a structured hybrid approach would produce, with governance gaps in the spaces between environments.

The risk is not cloud-first or hybrid. It is neither: a state in which cloud and on-premises systems accumulate without a governing architecture, producing complexity without capability.

The remedy is the same regardless of which transition model a Trust ultimately adopts: a current-state discovery that establishes what the estate actually consists of, a target architecture that defines clearly where each category of workload belongs, and a governance framework that applies consistently across both environments during the transition period.

How to Make the Decision for Your Trust

The decision between cloud-first and structured hybrid is not a binary choice made once and fixed permanently. For most NHS Trusts, the appropriate model will evolve as the estate changes and migration progresses. The practical question is which model is right for the next phase of the Trust's journey, with an explicit plan for how the model evolves from there.

The following questions provide a structured basis for making the decision:

1. What is the complexity and age of the current on-premises estate? A Trust running a large number of legacy SQL Server instances, on-premises integration engines, and undocumented local systems will need a longer hybrid transition phase. A Trust with a more rationalised estate can move more quickly to cloud-first.

2. Are there clinical workloads with genuine latency constraints that cannot be met by current cloud connectivity? If so, structured hybrid with defined tiering for those workloads is the right approach. If not, cloud-first is achievable.

3. What is the sequencing of EPR and FDP programmes? If an EPR is in procurement or early implementation, the cloud data architecture should be designed in parallel. If FDP adoption is underway, the local cloud data layer needs to be ready to feed it. Both programmes inform the urgency and sequencing of transition.

4. What is the Trust's capacity to manage a hybrid environment? Running two environments with consistent governance, security, and integration requires sustained internal capability or external support. If that capacity is limited, moving faster to cloud-first reduces ongoing operational complexity.

5. What are the DSPT obligations for each category of data? Patient-identifiable data must remain within UK cloud regions. Non-patient operational and corporate data has fewer constraints. Classification of data by sensitivity should inform placement decisions.

Where VE3 Can Help

VE3 works with NHS Trusts to design enterprise data architecture strategies that reflect the real constraints of NHS environments: legacy system complexity, clinical latency requirements, DSPT and UK GDPR obligations, and the sequencing demands of concurrent EPR and FDP programmes.

Our work covers current-state discovery, target architecture design, workload placement frameworks, governance model development, and phased transition roadmap planning. Whether your Trust is beginning to develop its cloud data strategy or is looking to bring structure and governance to an existing hybrid environment, we would welcome the conversation.