PRTOTYPE.COM · Production studioAudit · Build · Maintain
PRoTOTYPE.COM
6 July 2026 · Field notes

Data That Can't Leave the Building: Private LLMs for Regulated Sectors

Most articles about private LLMs start with cost. This one doesn't, because for a meaningful slice of the economy the cost argument is beside the point: the data is not allowed out. If you hold patient records, transaction histories, case files or citizens' data, "should we use the API?" is not a procurement question. It's a legal one, and the legal answer keeps getting stricter.

The regulatory floor moved

Two mechanisms matter most for European and UK organisations. Under GDPR Article 46, personal data can't be routed through third-country processors — which is what most US-hosted LLM APIs are — without valid transfer safeguards, and financial institutions in particular have found that "the vendor has a DPA" doesn't end the analysis. And since August 2025, the EU AI Act's general-purpose-AI obligations are enforceable, with penalties running to €35 million or 7% of global turnover. Sector rules stack on top: health data, legal privilege, government security classifications.

None of this says "you may not use LLMs." It says: know exactly where every token goes. The simplest architecture that satisfies that sentence is one where the tokens never leave.

The market has already voted

This is not a niche posture. The share of enterprise AI inference running on-premise or at the edge has gone from 12% in 2023 to 55% in 2026 — a 4.6× swing in three years, driven disproportionately by healthcare, finance and government.

On-premise and edge share of enterprise AI inference: 12% in 2023 to 55% in 2026

Source: DreamFactory on-premise LLM deployment statistics roundup, 2026.

And the forward numbers say it's still accelerating: 86% of surveyed enterprises expect AI infrastructure budgets to more than triple within three years, over 70% plan to scale on-premise or edge AI by 2028, and Gartner projects more than 75% of European and Middle Eastern enterprises will "geopatriate" workloads by 2030 to reduce geopolitical exposure.

Sovereignty planning statistics: budgets, on-prem scaling plans, geopatriation

Sources: DreamFactory statistics roundup; Gartner projection as cited therein. Survey figures are self-reported intentions — treat as direction, not destiny.

What "private" has to mean to count

A word of caution, because the label gets stretched. A private LLM deployment that actually answers the regulator means: open-weight models (Llama, Mistral, Qwen and peers) running in your infrastructure — your cloud tenancy or your hardware; RAG built inside the walls, so your documents are indexed and retrieved without ever transiting a third party; and logging you own, because "who saw this data" must be answerable from your systems, not a vendor's trust page. A "private endpoint" on someone else's multi-tenant service is a nicer contract, not a different architecture.

There's a European wrinkle worth knowing: Mistral's open-weight releases under Apache 2.0 have become the default sovereignty play for EU organisations that want strong models and a European supplier — one of the few cases where procurement politics and engineering judgement point the same way.

The part nobody regulates: keeping it alive

Here's what the compliance deck won't tell you. A sovereign deployment is not a purchase, it's a commitment: models get retired and replaced on the publisher's schedule, security patches land monthly, and every model swap needs eval runs against your acceptance criteria before it touches production. Regulated organisations, of all people, cannot run "whatever version someone installed in 2026" indefinitely. Budget the maintenance or don't start — this is exactly the gap our Maintain service exists to close, with a named monthly report your auditor can actually read.

Where to start

Not with hardware. Start with a written answer to three questions: which data is genuinely restricted, which use cases touch it, and what the smallest compliant architecture is. That's our private LLM readiness assessment — $9,500, a week or two of work, and a spec your DPO, your board and your engineers can all read. If the honest finding is that your restricted data never needed to touch the model at all, you'll have saved yourself a $45,000 deployment.

[Book a consultation →](/book) — free 30-minute call first.


Sources - DreamFactory — 28 On-Premise LLM Deployment Statistics (12%→55%, 86%, 70%, sector drivers) - DEV Community — LLM Landscape 2026: The Enterprise Decision Guide (EU-compliant) (GDPR Art. 46, EU AI Act enforcement dates and penalties) - Clarion — Deploying LLMs On-Premise for Data-Sovereign Enterprises - GoodData — Data Sovereignty and AI Analytics

This article is general information, not legal advice — your DPO and counsel own the compliance call.

Private LLM readiness

Run the numbers, not the vibes.

A $9,500 assessment tells you honestly whether a private deployment earns its cost for your volume, your data and your use case, including a straight “don't” when that's the finding.

Fixed price · Written answer either way
Book a Production Consultation