Therapist reviewing notes on a laptop at a clean desk in a calm, naturally lit office
AI & Documentation·5 min read

Is it actually safe to use AI for therapy notes?

OasysJune 23, 2026

Key takeaways

  • AI transcription doesn't require storing session audio
  • Per-client consent toggles are possible — and advisable
  • Transcripts that persist are potentially discoverable by subpoena
  • A signed BAA should prohibit session content from training AI models
  • Test AI notes against your real caseload, not just easy note types
HIPAAAI notestherapy documentationprivacyBAA

Using AI for therapy notes can be HIPAA compliant, but compliance is a property of the specific tool and its contracts, not of "AI" as a category. The safety question resolves to three concrete facts you can verify with any vendor: whether session audio is stored, whether the transcript persists, and whether your client content is used to train models.

Why this question matters now

AI documentation has moved from novelty to default expectation, and clinicians are right to interrogate it before trusting it with the most sensitive records in medicine. The tension is real: the time savings are significant, but a therapy note carries content that can be subpoenaed, breached, or repurposed in ways a billing record never could.

This post draws on Oasys's proprietary knowledge: direct, ongoing conversations with practicing therapists and practice owners, plus our seat at the infrastructure layer of real practices, where we see how documentation, billing, and consent actually work day to day. Across customer conversations covering dozens of practices and clinicians, AI documentation is the most-discussed feature in every demo, and the same privacy questions surface nearly every time: is the session being recorded, what happens to the audio, and can individual clients opt out. The hesitation is not opposition to the technology. It is the absence of a clear answer to those three questions.

That is the distinction this piece turns on. The risk is not the technology. The risk is an underspecified tool. "AI is unsafe for notes" is mostly a question that has not been asked precisely.

Below we walk through five things therapists commonly get wrong about AI notes and privacy, and what actually happens to the data in each case.

Myth 1: AI therapy notes require recording the session

They do not. A well-built scribe transcribes text in real time and never stores the audio at all, which means there is no recording to leak, subpoena, or retain.

This is the most common misconception, and it surfaces in nearly every demo: therapists and clients conflate "transcription" with "recording." They are different operations. Transcription converts speech to text in the moment. Recording implies a stored audio file that lives somewhere afterward.

Other platforms may be built differently. Oasys does not store audio: it transcribes during the session, and the audio is gone when the session ends. That is the right question to ask any vendor, because the answer determines whether an audio artifact of your sessions exists anywhere at all.

Myth 2: Consent for AI is a practice-wide setting, so if you use it, all clients are on it

Per-client consent is both possible and advisable. A practice-wide on/off switch is a design limitation, not a requirement.

Practices have mixed caseloads. A client with paranoia, a trauma history, a high-profile role, or simply a principled objection to AI should be able to decline without affecting anyone else's care. Granular per-client toggles are the correct model.

Other platforms may be built differently. The standard you want is a control that lives at the level of the individual client, not the whole practice. If declining AI for one client means turning it off for everyone, the tool is forcing a policy decision that should be a clinical one.

Myth 3: The transcript stays in the system after the note is signed

Whether a transcript persists after note completion is a vendor decision, not a fixed property of AI tools. This matters legally, because transcripts that persist are potentially discoverable.

Other platforms may be built differently. Oasys deletes the transcript once the note is signed and locked, so what remains is the finished clinical record, not a verbatim log of everything said in the room.

The legal exposure is concrete. A persisted transcript is a second, more detailed record of the session that can be reached by subpoena. Clinicians working with sensitive populations, including those who have asked us directly about subpoena risk, should confirm the deletion lifecycle with any platform they use, in writing.

Myth 4: AI tools use your session content to train their models

Whether training data is collected depends entirely on the vendor agreement and any Business Associate Agreement (BAA) in place. A BAA with an AI subprocessor, such as an LLM provider, should contractually prohibit PHI from being used for model training.

This is not something to infer. It is something to ask directly: "Is any session audio, transcript, or note content used for model training or improvement?" If the answer is unclear or hedged, that is your answer.

HIPAA applies to everyone here: a covered entity using a vendor that touches PHI needs a signed BAA, and that BAA governs what the subprocessor may and may not do with the data. The training question is downstream of that contract. Read it, or ask the vendor to point you to the clause.

Myth 5: If AI notes need too much correction, they are not worth the time

This objection is real and fair: a tool that requires heavy fact-checking on every note doubles the work rather than reducing it. The right benchmark is whether the output requires less total time than writing from scratch, across your actual note types.

Performance is not uniform across documentation. Checkbox-heavy mental status sections and highly structured assessments are harder for AI than narrative progress notes. Understanding where a specific tool performs well is more useful than a blanket verdict.

So test it against your real caseload. If a tool saves time on your progress notes but not your structured intakes, that is useful information, not a reason to dismiss the whole category.

So, is it safe?

Safety is verifiable, not assumed. A tool is safe to use for therapy notes when you can confirm each of the following, in writing:

  1. Audio: the session audio is not stored after the session ends.
  2. Consent: clients can opt in or out individually, not just practice-wide.
  3. Transcript: the transcript has a defined deletion lifecycle (Oasys deletes it once the note is signed and locked; other tools vary).
  4. Training: a signed BAA prohibits session content from being used to train or improve models.
  5. Fit: the output saves total time on your actual note types, not just the easy ones.

If a vendor answers all five clearly, AI notes are as safe as the rest of your compliant EHR. If a vendor hedges on any of them, the hedge is the signal.

[@portabletext/react] Unknown block type "faq", specify a component for it in the `components.types` prop

Safety here is not a leap of faith. It is a short list of questions with verifiable answers, and the vendors worth trusting are the ones who answer them plainly.