You hold sensitive information about the people you serve. Some of it is organized: intake forms, session notes, health histories. Some of it lives in less formal places: a Google Doc with client preferences, a text thread about a scheduling change, a mental note about something a client shared in confidence.
If you’re considering AI tools to help with documentation or workflows, let’s talk about what safeguards your client data requires, and how to evaluate tools against them before you commit.
What applies to holistic practitioners
Most holistic practitioners are not HIPAA-covered entities. HIPAA applies to healthcare providers who transmit health information electronically in connection with certain transactions, primarily insurance billing. If you don’t bill insurance, you’re likely not covered.
But HIPAA is not the only consideration. Here’s what still applies:
State privacy laws. Several states have enacted comprehensive privacy laws that apply regardless of your HIPAA status. California’s CCPA/CPRA, Virginia’s VCDPA, Colorado’s CPA, and others create obligations around how you collect, store, and share personal information. If your clients are in these states, these laws may apply to you.
What applies now: the SHIELD Act. New York's Stop Hacks and Improve Electronic Data Security Act has been in effect since March 2020. It applies to any business or sole proprietor that holds private information about New York residents — including client health data, email addresses, and financial account numbers — regardless of whether you are based in New York or not. If your clients are in New York, it applies to you.
The SHIELD Act requires that you implement and maintain "reasonable" data security practices. This isn't a prescriptive checklist — it's a standard of care. Choosing AI tools that store client data securely, don't share it with third parties, and allow you to delete it on request is exactly the kind of practice the law envisions.
What's coming: the New York Health Information Privacy Act (NYHIPA). This is the one to watch, and it's directly relevant to holistic practitioners. NYHIPA passed the state legislature in January 2025 with strong bipartisan support, then was vetoed by Governor Hochul in December 2025 after pushback from industry groups who argued the definitions were too broad. A revised version (S9269) was reintroduced in February 2026 and is actively advancing through committee as of mid-2026.
Here's why this matters for you specifically: NYHIPA is designed to cover health information that falls outside HIPAA — exactly the situation of wellness practitioners who don't bill insurance. It defines "regulated health information" broadly to include anything reasonably linkable to an individual that relates to their physical or mental health, wellness habits, or health-related browsing. Session notes, intake forms, and health histories kept by acupuncturists, yoga therapists, and other holistic practitioners would almost certainly qualify.
If NYHIPA passes in its current or revised form, it would require you to obtain explicit consent before collecting or sharing that information, give clients the right to access and delete their data, and implement specific safeguards. The AI tools you choose now — ones with strong data handling practices, clear deletion policies, and no third-party data sharing — would already put you in a strong position to comply.
Professional ethics codes. Your professional association’s code of conduct likely already addresses confidentiality, informed consent, and responsible handling of client information — even if it doesn’t mention AI specifically. The principles apply regardless of whether the tool is a file cabinet or a chatbot.
The NCCAOM has established a dedicated AI Taskforce focused on responsible integration, patient safety, and ethical standards — one of the more forward-looking moves in any holistic professional association. Formal AI-specific guidelines may follow. In the meantime, the NCCAOM's existing ethics standards around patient confidentiality and informed consent apply directly to how you handle AI tools that touch client records.
Yoga Alliance hasn't issued AI-specific guidance yet, but their existing Code of Conduct already covers the principles that matter most: honesty in communication, accurate representation, and privacy and consent when collecting student or client data. These standards apply to the tools you use to manage that information, not just the clinical decisions you make with it.
For yoga therapists specifically, the International Association of Yoga Therapists (IAYT) holds its members to standards of confidentiality that are closely aligned with clinical practice. If you are credentialed through IAYT, treat AI tools that touch client information with the same care you'd give any other part of your clinical record-keeping.
General consumer protection law. The FTC has broad authority over unfair and deceptive practices. If you tell clients their information is private and then feed it into an AI tool that trains on your inputs, that’s a problem whether or not HIPAA applies to you.
The FTC has been increasingly active on AI-related consumer protection. Most enforcement so far has focused on advertising and sponsored content, with disclosure requirements for AI-generated material that began in late 2025. But the agency's broader authority, including the Safeguards Rule, covers any business practice that misleads consumers about how their data is handled, and that includes health and wellness practitioners.
The practical implication: if your intake forms or privacy disclosures say your clients' information is kept confidential, and you're using a free AI tool that trains on user inputs without scrubbing personal identifying information, you may have a problem. The FTC standard and your clients' reasonable expectations point in the same direction: don't let your tools contradict your promises.
Beyond the law: building client trust
The holistic health and wellness space sits in an unusual position when it comes to data privacy. You’re not a hospital. You’re probably not billing insurance electronically. But you’re holding information that your clients consider private: their health concerns, their emotional state, details about their bodies and their lives that they’ve shared because they trust you.
That trust is the foundation of your practice. Any tool you bring into your workflow that touches client information needs to be worthy of it. No matter which regulations apply to your practice, your clients will appreciate knowing that their information is safe.
What AI tools actually do with your data
Not all AI tools handle your data the same way, and the differences matter.
Training on your inputs
Some AI tools use the data you provide to improve their models. That means the content of your session notes, your client’s health history, or the intake form you pasted in could become part of the system’s training data. Increasingly, that data is scrubbed of personal identifying information before it’s used, but it’s worth checking to be sure.
Many major AI providers have free tiers that train on inputs and paid tiers that don’t. For this reason, don’t just evaluate a tool’s marketing claims — dig into the subscription details on its pricing page and the specifics outlined in its privacy and security pages.
This plays out differently depending on the tool. Among AI scribing tools, for example, Heidi Health does not train on your data in any tier, including the free version. Otter.ai, by contrast, does use de-identified user data to train its models — the process is automated and audio isn’t manually reviewed, but the data enters their training pipeline. (For a fuller comparison of AI scribing tools and their privacy postures, see “AI Session Notes in Under an Hour”.)
For general-purpose AI assistants, the pattern is similar: free tiers often train on inputs by default, while paid tiers typically don’t — though sometimes only when data sharing is explicitly turned off in settings, or when the paid plan’s terms exclude it. Always check the specific plan you’re on, not just the company’s general policy.

What data storage and privacy language actually signals
You may have heard of Business Associate Agreements (BAAs) — contracts between you and a service provider that govern how they handle protected health information. If you are a HIPAA-covered entity, you need a BAA with any AI tool that touches client data. For most holistic practitioners, that isn’t your situation, and a BAA isn’t a make-or-break requirement.
What matters more is the substance behind the BAA: the actual infrastructure and contractual commitments that tell you how a company treats your data. A company that offers a BAA has generally built data handling systems worthy of it — encrypted storage, clear retention limits, deletion protocols, audit trails. You can look for that same substance even when a formal BAA isn’t part of the picture.
When reading a tool’s privacy policy or security page, here’s the language to look for:
Encryption at rest and in transit. This means your data is encrypted while stored on their servers and while moving between your device and theirs. Look for phrases like “AES-256 encryption,” “TLS encryption,” or “end-to-end encryption.” Of these, “end-to-end” is the strongest claim and worth reading carefully: it means the provider itself cannot read your data, which can only be true of data the provider’s servers never need to process in plain text. If a privacy page doesn’t mention encryption at all, that’s a gap worth noting.
No sale or sharing of your data with third parties. Look for language like “we do not sell your personal data” or “we do not share your data with third parties for marketing or advertising purposes.” Vague language like “we may share data with trusted partners” is worth scrutinizing — who are those partners, and for what purpose?
Data minimization. Some tools collect only what’s needed to deliver the service. Others collect behavioral data, usage patterns, and metadata that goes well beyond what the tool needs to function. A company that practices data minimization will usually say so.
Subprocessor transparency. Any company that uses cloud infrastructure (AWS, Google Cloud, Azure) is technically passing your data through a third-party subprocessor. Reputable companies maintain a list of their subprocessors and notify customers when that list changes. If a privacy policy is silent on subprocessors, that’s worth a direct question to the company.
BAAs are still worth noting as a signal. If a company offers one — even if you don’t need it — it suggests they’ve built the infrastructure and accountability structures that serious data handling requires. But it’s the underlying practices that matter, and you can evaluate those directly.
Zero data retention
Some AI providers go further with what’s called “zero data retention”: your inputs are processed and then deleted, not stored on their servers at all. This is a stronger privacy posture than simply not training on inputs, because it means the data isn’t sitting on someone else’s server once the session is over.
When reviewing a tool’s privacy policy, look for language like:
- “Audio recordings are deleted after transcription is complete”
- “We do not retain your inputs after processing”
- “Data is purged from our servers within [X hours/days] of your session”
- “Zero data retention” or “no persistent storage of user inputs”
Heidi Health, for example, destroys audio recordings after generating the transcript and notes — meaning the most sensitive part of your session doesn’t persist anywhere after the tool has done its job. That’s meaningfully different from a tool that processes your inputs and then stores them indefinitely, even if it isn’t training on them.
Providers building with privacy at the center
A growing number of AI providers are building specifically in response to the ethical failures of larger tech companies. These are worth knowing about:
Lumo (by Proton, the company behind Proton Mail) is an AI assistant with zero-access encryption, open-source code, and a commitment to never using your data for training. Learn more on their website.
Confer offers end-to-end encryption and a no-training, no-selling data policy. Learn more on their website.
Ellydee runs on 100% renewable energy in Finnish data centers and reports a 52% reduction in electricity use per query through its eco-mode. Learn more on their website.
Heidi is an AI-powered medical scribe and care app that includes some of the highest levels of data security and privacy compliance in the industry across all subscription tiers, including the free version. Learn more on their website.
These aren’t the only options, but they represent a different approach: privacy and environmental responsibility built into the foundation, not bolted on as a premium feature.
Five questions before you adopt any AI tool
You don’t need to read a 40-page terms of service. You need to answer five questions, and most companies make it possible to find the answers quickly if you know where to look.
1. Does this tool train on my inputs?
Where to look: Search the tool’s privacy policy or FAQ for “training,” “model improvement,” or “data usage.” Many tools have a dedicated section called “How we use your data” or “Your data and AI.”
What you want to see: A clear statement that your inputs are not used to train or improve models, ideally by default and not just as an opt-out buried in settings.
Watch out for: Free tiers that train on inputs while paid tiers don’t — and language like “de-identified” or “aggregated” data that technically isn’t your data anymore but still entered the pipeline from your sessions.
2. Does this tool store my data, and for how long?
Where to look: Search the privacy policy for “data retention,” “storage,” “how long we keep your data,” or “retention period.” Some tools also address this in a FAQ or security page.
What you want to see: Explicit limits on how long your data is stored — ideally with audio or raw inputs deleted after processing, and session data retained only as long as you’re actively using the tool. Look for zero data retention language (see above) as the strongest signal.
Watch out for: Vague language like “we retain data as long as necessary to provide our services” without a defined period. This language is legal but tells you almost nothing.
3. Does it comply with the legal requirements in my state?
Where to look: Search the tool’s privacy policy or compliance page for your state’s law by name: “SHIELD Act,” “CCPA,” “VCDPA,” etc. Some tools list their compliance certifications explicitly. Others will have a table or matrix of regulations they comply with.
What you want to see: Acknowledgment of your state’s requirements and a clear explanation of how the tool meets them. A tool used by healthcare providers in your state should be familiar with those obligations.
Under New York's SHIELD Act, you need to be able to demonstrate that the tools you use implement "reasonable" data security. There's no official certification for this, but you're in a strong position if you can point to a tool that: uses encryption for data at rest and in transit, limits who has access to your data, has a process for responding to data breaches, and allows you to delete your data on request.
If a tool's privacy page doesn't address these things and you're serving New York clients, it's worth reaching out to ask — or choosing a tool that's more transparent about its practices.
Watch out for: Tools that only reference HIPAA and ignore state privacy laws entirely. HIPAA compliance is not a substitute for state law compliance, especially for practitioners who don’t bill insurance.
4. What encryption and security standards does it use?
Where to look: The tool’s security page (often linked from the footer as “Security” or “Trust & Safety”), or its privacy policy under a section on data protection.
What you want to see: Encryption at rest and in transit (look for AES-256, TLS 1.2 or higher), clear information on where your data is hosted, and ideally a commitment to regular security audits or certifications (SOC 2, ISO 27001).
Watch out for: Security pages that are all marketing language (“we take security seriously”) without technical specifics. A company that has done the work is usually happy to describe it plainly.
5. What happens to my data if I cancel?
Where to look: Search the terms of service for “termination,” “deletion,” or “data retention.” Some tools delete your data immediately upon cancellation. Others retain it for a period. Some retain aggregated or anonymized data indefinitely.
What you want to see: A clear data deletion timeline and a way to export your data before you leave.
Watch out for: Terms that are vague about what happens after cancellation, or that retain “anonymized” or “aggregated” versions of your data indefinitely. Ask yourself whether the anonymization process is described clearly enough to trust.
What to tell your clients
If you’ve done the work above, communicating it to clients is the straightforward part. Most clients don’t want a technical briefing. They want honest answers to a few basic questions.
“Does my information go into AI?”
A truthful answer might sound like: “I use an AI tool to help me [specific task — draft session notes, transcribe our conversation, organize my documentation]. The tool I use does not store your information after processing, and it doesn’t use your data to train its system. Your information stays between us.”
Or, if the picture is more nuanced: “I use a few different tools in my practice, and some of them have AI features built in. For anything that involves your information directly, I use [specific tool] because [specific reason — it doesn’t train on inputs, it offers encryption, etc.]. I’m happy to walk you through the details if you’d like.”
“Is my information safe?”
“I’ve chosen tools that [don’t train on inputs / offer encryption / have a clear data deletion policy — whatever is true]. I reviewed their privacy practices before adopting them, and I revisit those practices regularly. If anything changes, I’ll let you know.”
“Can I opt out?”
“Yes. If you’d prefer I not use AI for any part of your care, I can handle [notes / documentation / whatever applies] manually. Just let me know.”
The goal isn’t to have a perfect answer. It’s to have an honest one that reflects actual due diligence. Clients can feel the difference between a practitioner who has thought about this and one who hasn’t.
For more on how to structure these conversations — at intake, on your website, and when a client pushes back — see “How to Be Upfront About AI in Your Practice: A Disclosure Guide.”
A note on keeping up
The tools, policies, and regulatory landscape covered in this guide will change. That’s not a reason to wait — it’s a reason to start now with what you can verify today, and build in a rhythm for checking back.
A reasonable cadence: revisit your tools’ privacy policies and terms of service once or twice a year, or whenever you adopt a new tool. If a tool you rely on changes its data practices, evaluate whether it still meets your standards. If it doesn’t, look for an alternative before the change takes effect.
Your clients trust you with information they don’t share with many people. The tools you choose should honor that trust as seriously as you do.