Doctors using AI scribes? What you need to know about your medical privacy

A new warning from Australia’s government has put a spotlight on a quietly spreading technology in healthcare: AI scribes. These tools listen to doctor-patient conversations, transcribe them, and generate clinical notes. The convenience is obvious—but so are the privacy risks. Here’s what happened, why it matters, and what you can do.

What happened

In July 2026, the Australian government issued a formal warning about the use of AI transcription tools—often called AI scribes—in medical practices. The warning came after a sharp increase in adoption. According to reports, the government flagged concerns over how these tools handle patient data, especially when recordings or transcripts are stored on third‑party servers, used to train AI models, or accessed by unauthorised parties.

The warning was widely covered, including by The Guardian, which noted that doctors’ use of AI scribes had soared, prompting the government to act. The exact regulatory steps remain under development, but the message was clear: patients should be aware that their conversations may be recorded and processed by AI systems.

Why it matters

AI scribes are not just voice recorders. They typically upload audio or near‑real‑time text to cloud services, where artificial intelligence extracts key medical details and formats them into notes. This creates several risks:

  • Data storage and retention. Where is your medical conversation stored? For how long? In some cases, the default settings may keep recordings or transcripts indefinitely, increasing exposure in the event of a breach.
  • Use for training AI models. Companies behind these tools may use anonymised or aggregated data to improve their algorithms. “Anonymised” is not always bulletproof—re‑identification can be possible, especially with health data.
  • Unauthorised access. The more parties involved (doctor’s office, scribe software vendor, cloud provider), the more potential entry points for a data leak or cyberattack.
  • Patient consent and awareness. Many patients are not told that an AI scribe is listening. Even if they are, they may not fully grasp the implications.

The Australian warning is significant because it signals that regulatory bodies are paying attention. For patients elsewhere—including in the US, UK, Canada, or Europe—this is a reminder that similar tools are being adopted rapidly, often without equivalent safeguards.

What readers can do

You do not have to accept AI scribes as an invisible part of your visit. Here are practical steps:

  1. Ask before the appointment. When booking, ask whether the practice uses any AI transcription or note‑taking tools. You can phrase it neutrally: “I’m curious about how my visit notes are created—do you use any automated systems?”

  2. Request alternatives. If you are uncomfortable, ask if the doctor can take notes manually or type directly into the electronic health record without a third‑party AI service. Most practices will accommodate a reasonable request.

  3. Check your local privacy laws. In many jurisdictions, health information is protected by specific regulations (HIPAA in the US, GDPR in Europe, Privacy Act in Australia). Find out whether the AI scribe vendor is required to sign a business associate agreement or data processing contract. Ask your doctor’s office if they have one.

  4. Limit sensitive disclosures if concerned. If you cannot avoid AI scribes and you are worried about highly sensitive information (mental health history, genetic results, etc.), consider delaying those discussions or asking for a separate, non‑recorded consultation.

  5. Pay attention to consent forms. Some clinics now have consent forms for AI transcription. Read them carefully. Look for clauses about data storage location, deletion policies, and sharing with third parties.

Sources

  • The Guardian – “Doctors’ soaring use of AI scribes prompts Australian government warning over privacy” (July 2026)
  • Australian government official communication (July 2026) – referenced in multiple news reports

Note: The specifics of regulatory changes in Australia are still emerging. If you are a patient in Australia, monitor the Office of the Australian Information Commissioner (OAIC) for updates on enforcement guidance.