COMMON QUESTIONS
Straight answers about self-hosted AI, on-premises language models, and private document search — costs, timelines, compliance, and how it all works.
What is AIRGAP LLM?
AIRGAP LLM is a Melbourne consultancy that installs and runs AI systems on your own hardware — not in the cloud. We work with law firms, healthcare providers, and financial services firms that handle data too sensitive for ChatGPT, Copilot, or other public AI platforms. Based in Cremorne (VIC 3121), we cover the entire Melbourne metro area for on-site deployments, training, and support.
What is a local LLM deployment?
A local LLM deployment means running an open-source language model — such as Llama 3, Mistral, Gemma 4, or Qwen — on a server inside your office or data centre. No queries, documents, or AI-generated responses pass through external platforms like OpenAI or Google. For example, a lawyer can ask the system to summarise a matter file, and the entire process happens on hardware the firm controls. This is the approach Australian organisations use when they need AI capabilities but can't accept the data handling risks of cloud AI.
Who needs private AI deployment?
Any organisation where staff are tempted to use ChatGPT but compliance says no. That typically means law firms protecting legal privilege, healthcare providers bound by the My Health Records Act 2012, and financial services firms navigating APRA CPS 234. We also work with accounting firms, wealth managers, and government-adjacent teams. If pasting your data into a public AI tool would be a policy breach or regulatory risk, self-hosted AI is the practical alternative.
How does local LLM deployment protect sensitive data?
Your data never leaves your building. Every prompt, every document chunk, and every AI-generated response stays on hardware you own. There are no API calls to OpenAI, Google, or Microsoft. No third-party data processor to assess or audit. You control retention policies, access logs, and who can query what. This makes compliance with the Privacy Act 1988, APRA CPS 234, and professional confidentiality obligations significantly simpler.
What is RAG (Retrieval-Augmented Generation)?
RAG is the technique that lets an AI system answer questions using your actual documents — not just its training data. Your documents are split into passages and converted into vector embeddings that capture meaning. When someone asks a question, the system finds the most relevant passages and feeds them to the language model, which generates an answer with citations to the source. Think of it as an AI-powered search engine for your internal knowledge, running entirely on your own hardware.
How long does deployment take?
Most deployments take 4 to 8 weeks from first conversation to production readiness. A straightforward setup for a 30-person firm with one document set can be done in under four weeks. More complex environments — multiple practice groups, ethical walls, integration with existing systems, large document sets — sit closer to eight weeks. We follow a five-step process: Assess, Design, Build, Validate, Support.
What types of documents can be processed?
We index policies, procedures, matter files, client correspondence, internal reports, contracts, knowledge base articles, compliance documentation, and operational records. The system handles PDF, Word, Excel, and plain text — the formats Australian firms actually use day-to-day. We've indexed collections from a few hundred documents to over 50,000, and retrieval quality scales well across that range.
Is local LLM deployment compliant with Australian regulations?
Local deployment supports compliance because all data stays within your network — no cross-border transfers, no third-party data processors. This aligns with the Privacy Act 1988 (particularly APP 8), APRA CPS 234 and CPS 230, the My Health Records Act 2012, and professional obligations under the Legal Profession Uniform Law. It doesn't guarantee compliance on its own — that depends on your access controls and usage policies — but it removes the biggest risk: data leaving your control.
How much does private AI deployment cost?
It depends on your firm's size, document volume, hardware needs, and ongoing support requirements. A deployment for a small firm with existing server hardware costs significantly less than one requiring new GPU infrastructure and complex access controls. We structure pricing as a one-time deployment fee plus an ongoing monthly support fee — no per-user subscriptions that scale unpredictably. Contact us for a consultation and we'll scope it specifically for your situation.
Can local LLMs match cloud AI quality?
For the tasks most firms need — document summarisation, question answering, policy search, and analysis — modern open-source models like Llama 3 and Mistral perform comparably to ChatGPT. They won't write poetry as well, but that's not what you're deploying them for. The quality gap that existed two years ago has largely closed for enterprise workloads. And because our RAG system retrieves from your actual documents, answers are often more accurate than a general-purpose cloud tool that's guessing from training data.
What ongoing support is available?
Monthly retrieval quality audits, document corpus refreshes, system performance reviews, and access log checks. Quarterly model evaluations against the latest open-source releases. As-needed troubleshooting, access control changes, new document ingestion, and user training. Think of it as managed IT for your AI system — we keep it current, accurate, and running smoothly.
Where is AIRGAP LLM located?
We're based at Gwynne St, Cremorne VIC 3121 — in Melbourne's technology precinct, a few minutes from Richmond station. Being Melbourne-based means we can be on-site for deployments, training sessions, and support visits across the metro area and greater Victoria.
What are the risks of using ChatGPT for legal work in Australia?
The main risk is privilege waiver. When a lawyer pastes privileged client data into ChatGPT, that information is disclosed to a third party (OpenAI) and processed on servers in the US. Under the Evidence Act 1995, opposing counsel could argue that privilege was waived through voluntary disclosure. There's also a Privacy Act risk: APP 8 restricts cross-border data transfers, and most cloud AI services process data overseas. Self-hosted AI eliminates both risks because the data never leaves the firm's network.
How does on-premises AI compare to Microsoft Copilot for security?
Microsoft Copilot processes data through Microsoft's cloud infrastructure — even the enterprise version routes queries through Azure services. You're trusting Microsoft's security posture, data retention policies, and geographic data routing. With on-premises AI, your data never leaves your server. There's no third-party data processor, no cloud dependency, and no reliance on a vendor's terms of service. For organisations where data sovereignty is non-negotiable — legal privilege, patient records, APRA-regulated financial data — on-premises is the more defensible position.
Can a small firm afford self-hosted AI?
Yes. A firm with 10-20 users can run a capable open-source model on a single GPU workstation — hardware that costs a fraction of what you'd pay for enterprise cloud AI subscriptions over two years. There's no per-user licensing fee that grows with your team. The upfront deployment cost is higher than signing up for ChatGPT, but the total cost of ownership over 12-24 months is often comparable or lower — and you own the infrastructure at the end.
Have a question not listed here?
Contact Us →