How to protect your privacy when your doctor uses an AI scribe
Doctors in Australia and elsewhere are rapidly adopting AI-powered “scribes” that listen in on consultations, transcribe conversations, and automatically generate clinical notes. The trend promises efficiency and reduced paperwork, but a recent warning from the Australian government has put a spotlight on serious privacy risks. If you’ve ever wondered whether your medical appointment is being recorded and where that recording ends up, you’re not alone. Here’s what’s happening and what you can do about it.
What happened
In July 2026, the Australian government issued a formal warning about the privacy implications of AI scribe tools used in healthcare settings. The warning, reported by The Guardian, highlighted concerns that these tools record doctor–patient conversations, store the data on cloud servers, and may share it with third‑party vendors—all without patients’ clear, informed consent.
The technology itself isn’t new. Products like Nuance DAX (powered by Microsoft) and similar ambient‑listening tools have been in use for several years, particularly in the United States. But their adoption has surged recently, as healthcare systems seek to relieve administrative burden on clinicians. In Australia, the uptake has been especially quick, prompting the government’s caution.
Why it matters
At first glance, an AI scribe might seem harmless—it’s just taking notes so your doctor can focus on you. But the privacy trade‑offs are significant:
- Continuous recording: The tool is always on during the appointment, capturing not just clinical facts but also personal anecdotes, family history, and even off‑the‑cuff remarks.
- Cloud storage and third‑party access: Audio or transcribed data is frequently sent to external servers for processing. The companies behind those services may have access to the raw material, and data‑sharing agreements are not always transparent.
- Potential for breaches: Medical data is among the most sensitive personal information. Even a single breach can expose conditions, medications, and lifestyle details.
- Lack of explicit consent: Many patients are not told that an AI tool is recording the session, or they are asked to sign a generic consent form that fails to explain the full extent of data handling.
The Australian government’s warning underscores that current practices may not comply with the Privacy Act 1988, which requires organisations to handle personal information fairly and transparently. In the US, similar concerns exist under HIPAA, though the law’s applicability to AI scribes can be ambiguous depending on how the tool is deployed.
What readers can do
You don’t have to accept AI scribes without question. Here are concrete steps you can take to protect your medical privacy.
Ask before the appointment starts
Before any consultation begins, you have a right to know if an AI scribe is being used. Simply ask:
“Are you recording this conversation with an AI tool?”
If the answer is yes, follow up with:
“Who has access to the recording, and how is it stored?”
A respectful but direct question usually prompts a clearer explanation than a consent form could.
Understand the consent form
If you’re asked to sign a consent form for an AI scribe, read it carefully. It should state:
- What data is collected (audio, transcript, or both)
- Whether it’s stored in Australia or overseas
- How long it’s retained
- Who can access it (the clinic, the software vendor, subcontractors)
- Whether you can have the recording deleted after the note is generated
If the form is vague, ask for specifics. In Australia, the Office of the Australian Information Commissioner (OAIC) has guidelines on what constitutes meaningful consent.
Opt out if you’re uncomfortable
You are allowed to decline. In most healthcare settings, the use of AI scribes is optional, and the doctor can still take notes manually or use a traditional dictation system. If you opt out, the clinic must not deny you care. If they pressure you, consider it a red flag and, if necessary, raise a complaint with the relevant health or privacy authority.
Request a clear privacy policy
Ask the practice for a written explanation of how they use AI scribes, or check their website. A responsible provider will have a policy that addresses the above points. If no policy exists, you’re right to be uneasy.
Know your rights for accessing and correcting data
Under the Australian Privacy Act (and HIPAA in the US), you have the right to request copies of your health records, including any notes generated by an AI scribe. You can also ask for errors to be corrected. If you suspect a breach, you can lodge a complaint with the OAIC or, in the US, with the Department of Health and Human Services.
Looking ahead
The Australian government’s warning is likely to prompt stricter guidelines—possibly even a formal ban on certain uses of AI scribes without explicit, opt‑in consent. Similar debates are happening in the UK and Canada. In the meantime, patients would do well to stay informed and assertive.
AI tools will continue to appear in healthcare, but they should enhance the doctor–patient relationship, not erode trust in it. By asking the right questions and knowing your rights, you can keep your medical data under your own control.
Sources
- The Guardian, “Doctors’ soaring use of AI scribes prompts Australian government warning over privacy,” July 5, 2026.
- Office of the Australian Information Commissioner (OAIC), guidance on consent and health information.
- US Department of Health and Human Services, HIPAA Privacy Rule.