Why "HIPAA compliant" isn't enough — where your session audio actually goes
Every AI scribe’s homepage says the same two words: HIPAA compliant. They appear next to a shield icon, usually in the footer, sometimes in the hero. And for most therapists evaluating these tools, that badge is doing a lot of load-bearing work it was never designed to do.
Here’s the uncomfortable part: “HIPAA compliant” is a statement about legality, not about where your client’s voice goes. A vendor can be fully, genuinely HIPAA compliant while uploading every session to their servers, keeping transcripts for years, and using de-identified versions of your clients’ words to improve their models. None of that is a scandal. All of it can be legal. The badge tells you the paperwork is in order — it does not tell you what happens to the audio.
What HIPAA compliance actually promises
When a cloud scribe says it’s HIPAA compliant, it generally means:
- They’ll sign a Business Associate Agreement (BAA) — a contract making them legally responsible for safeguarding protected health information they handle for you.
- They maintain required administrative, physical, and technical safeguards — encryption, access controls, audit logs, breach-notification procedures.
- Their staff access to your data is governed and logged.
These are real protections, and a vendor that offers a BAA is meaningfully safer than one that doesn’t. If you use any cloud tool with client data, you should have a BAA in place — that’s not in question.
What HIPAA compliance doesn’t promise
What the badge does not tell you:
- Where processing happens. Cloud scribes process audio on their servers (or their subprocessors’ servers — often a cloud provider and an AI model provider behind the scenes). Your client’s voice travels, full stop. The BAA governs that travel; it doesn’t eliminate it.
- How long anything is retained. Retention policies vary widely between vendors and between settings within the same product. Some default to keeping transcripts indefinitely until you delete them. The badge is silent on this — only the privacy policy and your settings tell you.
- What “de-identified” data can be used for. This is the clause that surprises therapists most. Under HIPAA, properly de-identified data is no longer protected health information at all — meaning a vendor can retain it and use it, including for improving their models, without violating HIPAA. Your client’s story, with the names stripped out, can be perfectly legal training material. Whether a specific vendor does this is in their privacy policy and data-use terms — and those documents, not the badge, are where the answer lives.
- What happens in a breach. Safeguards lower risk; they don’t zero it. Every server holding session data is a target simply by existing. A breach at a scribe vendor is a breach of your clients’ most sensitive disclosures, with your name on the consent form.
The question your clients are actually asking
When a client hesitates about recording, they’re rarely asking “does this vendor have a BAA?” They’re asking: “Who else hears this?”
“It’s HIPAA compliant” doesn’t answer that question. “The audio is processed on this computer and deleted when I finish my note” does. One is a claim about legal posture; the other is a claim about physics.
This distinction is showing up across therapist communities: clinicians comparing scribes increasingly report that what they want isn’t a stronger compliance page — it’s tools that do not retain session data and do not use it to train models. For many, anything else is a dealbreaker, badge or no badge.
How to actually evaluate a scribe vendor
If you’re comparison-shopping (most therapists look at several before choosing), skip the badge and ask these six questions — every one is answerable from a vendor’s own documents, or by asking their support directly:
- Where is audio processed? On-device, or on the vendor’s servers and their subprocessors’ servers?
- How long is audio retained, and what’s the default? Not the minimum possible setting — the default.
- How long are transcripts and notes retained?
- Is any data — including de-identified data — used to train or improve models? Get this in writing.
- Who are the subprocessors? The AI model behind the scribe is often a third party with its own terms.
- What happens when you delete your account? Deletion timelines and backup retention matter.
A vendor with good answers will give them plainly. Vagueness on questions 2 and 4 is itself an answer.
The structural alternative
There’s one architecture where most of these questions dissolve rather than needing good answers: processing that never leaves your machine.
When transcription and note drafting run locally — on your own computer, with models stored on your own disk — there is no server-side retention policy to evaluate, because there is no server side. No subprocessor list. No de-identification clause. No breach surface beyond the device you already protect, which means that device, its disk encryption, and any backups that copy the audio are now the whole surface you have to secure. The audio exists in one place, and deleting it means it’s gone.
That’s the bet we’re making with CouchNotes: on-device transcription and drafting on your Mac, audio deleted by default when you finalize a note, no account, one-time price. It’s not the right tool for everyone — if you need cross-platform access or telehealth-integrated capture, a cloud scribe with a strong BAA and good retention defaults may serve you better, and our comparison pages say so plainly.
But whichever way you go, go with your eyes open: the badge means it’s legal. Your client is asking where their voice goes. Make sure you can answer the second question, not just the first.
Evaluating tools right now? The free client AI-consent templates include the disclosure language for both cloud and on-device workflows, and the Mac scribe roundup compares the major options honestly.