PCs without network are useless in a hospital context, anyway, as everything is already networked, even with applications being running locally (the database is not stored locally). It is easier to ensure connectivity through simple protocols (TLS/HTTP) running remote applications, than running local applications plus complex "remote monitoring" stuff. Regarding latency, if the servers are in the same building, you can get < 5ms latency with the default configuration (e.g. accessing Windows remote applications using HTML5 web clients).
This isn't true in a medical environment - the devices have value "in the room" whether its device control, test results interpretation or organisation of staff, procedures or patients, you can't just lose every computing device during DDOS and switch to paper.
edit: regarding the "same building latency" do we want every hospital, clinic and doctor's office running its own local datacentre? That will come with its own availability horror stories. For something like the NHS a multi-region centralised AWS style datacentre makes sense.
In a medical environment there are two kind of devices:
- Critical devices (that in most cases don't even run Windows): already safe, because using higher security standards.
- Administration devices (patient reports, etc.): don't have local database. And if you don't have connection, your computer is useless. That's the reason of "computers are not working" on hospitals when network is down. So a network failure would be a denial of service both when running local applications accessing a remote database, and for the case of pure remote applications. With the difference that with pure remote applications the attack surface would be near-zero at client side.
That is an oversimplification and the precise point of our disagreement. I don't believe "administrative" devices are non-critical to providing care. The last time I saw an NHS doctor examine an xray - it was an XP box. Is organising ER triage non-critical too?
Distribution, redundancy and routing around faults should be our vision for these systems and IMHO edge devices get closer to that. There are many ways a hospital can still shunt data around and use it locally in an emergency without giving up due to failure of remote systems.
