AI scribes in your doctor’s office: what the new privacy warning means for patients
If you’ve been to the doctor recently, there’s a growing chance an AI was listening. So‑called AI scribes – voice‑recording software that automatically turns conversations into clinical notes – are being adopted by clinics and hospitals around the world. The pitch is straightforward: doctors spend less time typing and more time with you. But a recent government warning in Australia has highlighted a number of privacy risks that patients should be aware of before their next appointment.
What happened: Australia’s official caution
In July 2026, the Australian government issued a formal warning about the use of AI scribes in healthcare settings. The alert, reported by The Guardian, specifically flagged concerns over how patient data is collected, stored, and shared when these tools are used. The government noted that many AI scribe services transmit audio or transcripts to third‑party servers for processing, and that in some cases patients are not explicitly informed – or asked for consent – before the recording begins.
While the warning was directed at Australian providers and developers, the underlying issues are global. AI scribe platforms are often built by companies headquartered in other countries, and health data may be subject to different privacy laws depending on where it is stored.
Why it matters for your privacy
When you speak with a doctor, you expect that conversation to stay confidential. That expectation is protected by laws like the Health Insurance Portability and Accountability Act (HIPAA) in the United States, and similar regulations elsewhere. But AI scribes introduce new wrinkles:
- Data storage: Even if a clinic uses an AI scribe that claims to be HIPAA‑compliant, the audio or transcript may still be stored on the software company’s servers – possibly in another country.
- Consent gaps: Some clinics enable AI scribes by default without telling patients. You may not realise the conversation is being recorded for note‑taking purposes.
- Data breaches: Like any cloud‑based service, AI scribe platforms can be hacked. A breach could expose sensitive health information, including details about diagnoses, medications, or mental health.
- Secondary use: Some AI scribe services use anonymised data to train their models. While “anonymised” is supposed to protect identity, re‑identification risks exist.
The Australian warning also pointed out that existing privacy laws may not be keeping pace with these new tools. In the U.S., for example, HIPAA does not always require explicit patient consent for a doctor to use a third‑party note‑taking service – as long as the service has a business associate agreement in place. That leaves patients largely in the dark.
What you can do: questions to ask before your next visit
You have a right to know how your health data is being handled. Here are four practical questions to ask your doctor or the front desk:
“Are you using an AI scribe during my appointment?”
If yes, ask which software and whether it records audio or only processes live speech without storage.“Where is my data stored, and for how long?”
Find out if transcripts are kept on a local server or sent to the cloud, and what the retention policy is.“Can I opt out without affecting my care?”
You should be able to decline AI scribe use and still receive the same quality of care. Some clinics may offer a manual note‑taking alternative.“Have you reviewed the software’s privacy policy and data security?”
A clinic that has done its homework should be able to explain how the vendor handles data, including whether it’s used for training.
Current regulations: gaps and patches
No single global regulation covers AI scribes comprehensively. In the U.S., HIPAA applies if the scribe is used by a covered entity, but enforcement is complaint‑driven, and many smaller clinics lack the resources to verify compliance thoroughly. The European Union’s GDPR gives patients more rights to access and delete their data, but enforcement across borders remains uneven.
Australia’s warning is a sign that regulators are starting to scrutinise these tools more closely. However, until binding rules are updated, the burden largely falls on patients to ask questions and on healthcare providers to act transparently.
Practical steps to protect yourself
- Ask before each appointment. Don’t assume a “no recording” sign means an AI scribe isn’t running.
- Request a copy of your notes. You can often ask for the clinical notes generated by the scribe to see what was captured.
- Check your clinic’s privacy notice. Many practices now include a section about AI tools. Read it before your visit if possible.
- If something feels off, speak up. You have the right to stop the record at any point.
Staying informed
AI scribes are likely here to stay – they save doctors time and can improve accuracy in some cases. But that efficiency should not come at the cost of your privacy. The Australian government warning is a useful reminder that while technology moves fast, regulations and patient awareness need to keep up. By asking a few simple questions, you can stay in control of your own health information.
Sources: The Guardian (July 2026) – “Doctors’ soaring use of AI scribes prompts Australian government warning over privacy”. Additional context from HIPAA and GDPR provisions.