Healthcare has the extra complication of HIPAA / equivalent local laws, and institutions being extremely unwilling to process patient data on devices they don't directly control.
I don't think this is going to work in that industry until local models get good enough to do it, and small enoguh to be affordable to hospitals.
Hospitals use O365, there are HIPAA-compliant editions of any prominent cloud service.
That industry only thinks it controls its devices. Crowdstrike showed there are many bridges over that moat.
Their concern is compliance, not security.