Last month our team traveled to Gothenburg, Sweden, for Vitalis 2026 — one of the leading Scandinavian forums shaping the future of healthcare. Two days of conversations with physicians, medical startup founders, researchers, and technical teams — and I’m still processing everything I heard.
One thought hasn’t left me since: healthcare is standing at an infrastructural inflection point. And the root cause has nothing to do with the quality of AI models. It runs much deeper.
The most powerful session of the conference, in my view, was “Evidence-Based Data for Evidence-Based AI.” The speakers offered an image that immediately became a structuring framework for me: medical data is not the new oil — as everyone loves to say these days. It’s shale. It’s everywhere, but fragmented, inconsistent in quality, and extraordinarily expensive to refine into anything genuinely useful.
The second argument hit even harder. Several organizations across different sectors are already mandating that all code be written by AI by the end of 2026. That means we’re rapidly approaching a world where no one — literally no one — will be able to read the pipelines that hold the entire system together.
The classic chain of “explanation → understanding → trust,” which underpins every audit and certification process, is closing off for an entire class of systems.
The answer is not to stop AI development — it’s to build systems where outcomes can be verified and where the provenance of data and decisions can be clearly traced. Stop trusting narratives. Start enforcing rules that are checked at every execution.
In medicine, where the cost of error is human health or even human life, this is not an academic discussion. It is an operational necessity.
A parallel thread running through the conference was data sovereignty and zero-trust architecture. And here, a principle emerged that inverts conventional logic: most healthcare institutions still live in a paradigm where data needs to be moved somewhere to be useful. But it doesn’t.
A model I heard from several independent sources: send the algorithm to the data, not the other way around. The hospital or clinic runs the analysis locally. Only verified, aggregated results leave the perimeter. Zero-trust — not as a security policy, but as an architectural property of the system itself.
Why does this matter for Ukraine? Because GDPR, the NIS2 Directive, the EU AI Act, EHDS — the entire regulatory wave that is already rolling toward us — is essentially converging on a single architectural requirement. Organizations that understand this first won’t merely become compliant. They will move faster — because they will have removed the legal bottleneck that slows down every new research initiative or model test.
Corridor conversations at Vitalis are often more honest than the sessions themselves. A few things I heard from founders and CTOs:
*”We have more data than ever — and less trust in it than ever.”* I heard variations of this sentence from four or five different people over two days.
Replacing an EMR is now a strategic decision, not just a vendor selection. The question is no longer “which system should we use?” — it’s “how do we permanently decouple our data from any specific vendor?”
Compliance is not a barrier for those who build it into the architecture. It only becomes a wall when it’s bolted on afterward. That sounds obvious — but in healthcare, it’s a systemic problem.
AI projects in healthcare fail not because of bad models. They fail not because of AI itself. Most often, the problem is poor data quality, labeling errors, or systems that were built without understanding how they would actually function inside hospitals and clinics.
The conference repeatedly referenced real-world examples — including issues with Epic’s sepsis prediction model and Obermeyer’s research on algorithmic bias in healthcare. These are no longer theoretical risks. They are case studies that forced the entire industry to rethink its approach to medical AI.
I’m consciously trying to translate what I witnessed into a Ukrainian context — because we have a unique opportunity not to repeat the mistakes the West has already made.
Medtech in Ukraine is growing. Telemedicine, healthcare information systems, AI-assisted diagnostics — all of this is already reality, not a horizon. But most teams are building on a foundation that simply won’t hold under the pressure of scaling or regulatory scrutiny.
Concretely: when a medical startup wants to grow quickly without sacrificing compliance, that is a cloud architecture and DevOps challenge as much as a legal one. When a hospital wants to run AI workloads on sensitive data without exporting raw records outside its perimeter, that is a platform engineering and security design challenge. When every data processing step needs to be stable, transparent, and auditable at any moment — that is an infrastructure and SRE question.
This is exactly what we work on with medical and medtech teams at Gart Solutions: from cloud infrastructure design and Kubernetes environments to compliance-aligned DevOps pipelines and CTO-as-a-service for teams navigating this transition.
We went to Vitalis expecting to hear about new AI models for healthtech. What I actually brought back was an understanding of where the real bottleneck lies. Not in the models. In the foundation beneath them.
And if you build that foundation correctly from the start — compliance, scalability, transparency, data sovereignty — it is not a constraint. It is a competitive advantage.
If you’re building something in medtech or digital health, I’d be glad to talk.
*Fedir Kompaniiets is co-founder and CEO of Gart Solutions, a cloud architect, and digital transformation consultant. The company specializes in cloud infrastructure, DevOps, and platform engineering for technology companies.*