Quick answer
HIPAA-safe AI therapy notes require a vendor that signs a BAA, encrypts data in transit and at rest, provides role-based access and audit logs, and offers clear deletion/training policies. Test with de-identified or synthetic transcripts, use constrained SOAP/DAP prompts, and treat all AI output as a draft until a clinician signs.
This post is part of our complete guide to HIPAA-Compliant AI for Behavioral Health Practices.
Overview
This guide helps clinicians evaluate, trial, and adopt AI-assisted clinical documentation while protecting patient health information. It summarizes HIPAA fundamentals, vendor vetting, safe trial tactics, de-identification steps, SOAP and DAP prompt templates, and criteria for moving from trial to production. Use the checklists to structure vendor conversations and the copy-paste prompts for rapid testing. Apply the decision points to assess whether a product meets your privacy and clinical standards.
HIPAA essentials for AI documentation tools
AI workflows can expose protected health information. Treat vendors that handle or process PHI as business associates. A single unsecured field or an unprotected API call can create a breach.
For the specific case of ChatGPT and the January 2026 + April 2026 OpenAI healthcare-product launches, see Is ChatGPT HIPAA Compliant? 2026 Guide.
Expect these controls from any vendor that claims HIPAA compliance:
- A signed Business Associate Agreement
- Encryption for data at rest and in transit
- Role-based access controls (RBAC)
- Immutable audit logs
- Documented retention and deletion policies
Red flags: vendors that refuse to sign a BAA, use customer data for training without an opt-out, are vague about export controls or data residency, or can’t document where processing occurs. If any of these is unclear, pause the trial.
2026 update: OpenAI launched ChatGPT for Healthcare (January 2026) and ChatGPT for Clinicians (April 2026). Neither replaces a purpose-built behavioral-health tool for most solo or group practices. See Is ChatGPT HIPAA Compliant? 2026 Guide for the current state of BAA availability and product limits.
Vendor vetting checklist
Ask for written evidence and keep all artifacts in your compliance file.
- BAA: Will you sign it, and what services/data flows does it cover (hosting, inference, analytics, backups)?
- Data flows: Where does raw text travel and where does inference occur (on-prem, private cloud, third-party API)? Ask for written model-training and deletion policies.
- Security certifications: SOC 2 or HITRUST? Audit dates? Encryption standards for transit and at rest?
- Access and logging: SSO, RBAC, sample audit logs, log retention, export options.
- Incident response: Breach notification timelines, IR plan, sample notifications, escalation paths.
- Documentation: Data flow diagram and where backups/logs/keys reside.
How to test free trials without exposing PHI
Do not paste identifiable patient data into general-purpose AI text fields during a trial. Treat free accounts as untrusted until the vendor signs a BAA and documents processing boundaries.
Three safe approaches:
- Synthetic sessions: Fictional cases that mirror your workflows (symptoms, length, goals) without identifiers.
- Structured mock cases: Templates with placeholders for names/dates/unique events; run identical mocks across vendors.
- Redacted real cases: Fully remove or generalize PHI; keep any re-linking map offline and never upload it.
Validate vendor behavior: ask if trial submissions are retained, used to improve models, or exposed to humans/contractors. Document responses, test transcripts, and configuration screenshots for compliance review.
De-identification best practices
Remove direct identifiers and reduce re-identification risk from context.
- Replace identifiers with placeholders like [PATIENT_AGE], [SESSION_DATE_MINUS_3], [CITY_REGION]
- Generalize dates/locations (e.g., “week of June,” “urban neighborhood”)
- Aggregate unique events when specifics are not clinically necessary
- Use automated de-id plus manual spot-checks for contextual identifiers
- Keep re-linking maps offline, encrypted, and never uploaded
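The steps above can be turned into a repeatable pre-processing pass. The following is an added example, not code from this guide or from any product it mentions: it replaces a known patient name and locations with placeholders, rewrites absolute dates as offsets from the session date (the [SESSION_DATE_MINUS_3] convention), masks ages and phone numbers, returns the re-linking map as a separate object so it can be stored offline and encrypted, and runs a cheap residual-risk spot-check for capitalized words and digit runs that the rules may have missed. The transcript and chart metadata are constructed, fictional values; the KNOWN_IDENTIFIERS structure is an assumption about what a practice already has in its chart.

```python
from __future__ import annotations
import json
import re
from datetime import date

# Constructed, fictional session text. Not real PHI.
SAMPLE_TRANSCRIPT = (
    "Session with Jordan Alvarez (age 34) on 2026-03-10. Reports sleep improved "
    "since 2026-03-07 after argument with partner in Brooklyn. Called 555-867-5309 "
    "about refill; next visit 2026-03-24."
)

# Hypothetical chart metadata the practice already holds (assumption): exact
# identifiers are easier to strip from the chart than to guess from free text.
KNOWN_IDENTIFIERS = {
    "patient_name": "Jordan Alvarez",
    "locations": ["Brooklyn"],
    "session_date": "2026-03-10",
}

DATE_RE = re.compile(r"\b\d{4}-\d{2}-\d{2}\b")
PHONE_RE = re.compile(r"\b\d{3}[-.\s]?\d{3}[-.\s]?\d{4}\b")
AGE_RE = re.compile(r"\bage\s+(\d{1,3})\b", re.IGNORECASE)


def relative_date_token(found: date, session: date) -> str:
    """Express a date as an offset from the session date, e.g. [SESSION_DATE_MINUS_3]."""
    delta = (found - session).days
    if delta == 0:
        return "[SESSION_DATE]"
    if delta < 0:
        return f"[SESSION_DATE_MINUS_{-delta}]"
    return f"[SESSION_DATE_PLUS_{delta}]"


def deidentify(text: str, ids: dict) -> tuple[str, dict]:
    """Return (de-identified text, re-linking map).

    The map is the only place where original values survive; keep it offline
    and encrypted, and never upload it alongside the text."""
    relink: dict[str, str] = {}
    session = date.fromisoformat(ids["session_date"])

    # 1. Exact identifiers from the chart -> fixed placeholders
    text = text.replace(ids["patient_name"], "[PATIENT]")
    relink["[PATIENT]"] = ids["patient_name"]
    for i, loc in enumerate(ids["locations"], start=1):
        token = f"[CITY_REGION_{i}]"
        text = text.replace(loc, token)
        relink[token] = loc

    # 2. Absolute dates -> offsets from the session date (done before the phone
    #    rule so digit groups inside dates are never mistaken for phone numbers)
    def _date_sub(m: re.Match) -> str:
        token = relative_date_token(date.fromisoformat(m.group(0)), session)
        relink[token] = m.group(0)
        return token
    text = DATE_RE.sub(_date_sub, text)

    # 3. Age and phone numbers
    def _age_sub(m: re.Match) -> str:
        relink["[PATIENT_AGE]"] = m.group(1)
        return "age [PATIENT_AGE]"
    text = AGE_RE.sub(_age_sub, text)

    def _phone_sub(m: re.Match) -> str:
        relink["[PHONE]"] = m.group(0)
        return "[PHONE]"
    text = PHONE_RE.sub(_phone_sub, text)
    return text, relink


def residual_risk_flags(text: str) -> list[str]:
    """Manual spot-check helper: list leftover digit runs and capitalized words
    (other than sentence starts) that are not bracketed placeholders."""
    flags = []
    for m in re.finditer(r"\b\d{2,}\b", text):
        flags.append(f"digits: {m.group(0)}")
    for m in re.finditer(r"\b[A-Z][a-z]{2,}\b", text):
        if m.start() == 0 or text[m.start() - 2] in ".!?":
            continue  # sentence-initial word, not evidence of a name
        flags.append(f"proper noun?: {m.group(0)}")
    return flags


if __name__ == "__main__":
    clean, relink_map = deidentify(SAMPLE_TRANSCRIPT, KNOWN_IDENTIFIERS)
    print(clean)
    print("flags:", residual_risk_flags(clean))
    # The map would be written to encrypted offline storage, never to the vendor.
    print(json.dumps(relink_map, indent=2))
```

The spot-check is intentionally crude; its job is to surface candidates for the human reviewer the checklist calls for, not to certify the text as de-identified.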
SOAP note workflow and prompt templates
Follow five steps: capture session text, de-identify input, run the AI prompt, review and correct output, and import/store the signed note in your EHR. Always validate clinical content before finalizing.
Concise SOAP prompt
- Role: You are a clinical documentation assistant for outpatient behavioral health.
- Structure: Return S, O, A, P sections.
- Constraints: Limit S to 2–3 sentences; O lists observations/scores; A includes diagnostic impression and rationale; P lists interventions, follow-up, and time-bound goals.
- Tone: Professional clinical tone; flag details you cannot verify.
Short intake prompt (copy/paste):
"You are an AI clinical scribe. Using the de-identified session below, create a SOAP note with labels Subjective, Objective, Assessment, Plan. Subjective: 2-3 sentences on chief complaint and symptom change. Objective: list observations and standardized scores. Assessment: one diagnostic impression and brief rationale. Plan: three action items with timeframes. Indicate any missing data."
Extended progress prompt:
"You are a licensed clinician assistant producing a progress SOAP note from de-identified input. Expand Subjective to include mood, sleep, appetite, and medication adherence. In Objective, include clinician observations, scales, and risk assessments. In Assessment, provide differential if relevant and cite guidelines or scales used. In Plan, list therapy interventions, medication changes or referrals, measurable goals, and next appointment timing. Mark uncertainty and quote input phrases that support conclusions."
Review rule: confirm Assessment and Plan against your clinical judgment; sign/date; document significant edits; retain the de-identified source if policy requires an audit trail. For accuracy expectations when comparing AI drafts to clinician-authored notes, see AI Therapy Notes: Accuracy vs. Human Documentation.
DAP notes and treatment-plan generation
DAP fits psychotherapy because it separates Data, Assessment, and Plan.
DAP prompt pattern:
"You are an AI assistant writing a DAP psychotherapy note from de-identified session text. Create 'Data' with subjective statements and clinician observations. In 'Assessment', provide a clinical formulation linking symptoms to functioning and note change from baseline. In 'Plan', list specific interventions, one measurable goal with a timeframe, and any referrals."
Treatment-plan prompt:
"From the de-identified clinical summary, propose three evidence-based, measurable treatment goals with associated interventions and timelines. For each goal include baseline, target behavior or symptom, measurement method, timeline in weeks, and modality (CBT, behavioral activation, medication review, etc.). Flag recommendations that lack evidence."
Require sources for intervention recommendations; mark them as suggested; validate goals for specificity, measurability, and time-boundedness; document clinician rationale for any changes.
Practical pilot workflow
Design a small, measurable pilot.
- Scope: one clinician or small team; start with non-sensitive cases; define success metrics (time saved, accuracy vs clinician notes, edit rate).
- Environment: test accounts/sandbox; disable PHI syncing/auto-export; set short retention for trial artifacts; document vendor retention settings.
- Testing: process 10–30 de-identified sessions; compare AI vs clinician notes; log discrepancies with severity; track edit time and clinician feedback.
- Review: include compliance, IT, and supervisors before rollout.
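The pilot's "accuracy vs clinician notes" and "edit rate" metrics need a concrete definition before the first session is scored. The block below is an added example, not part of this guide or any vendor's tooling: it compares an AI draft with the clinician-signed note section by section, computes a token-level edit rate with the standard library's difflib, and assigns a severity that treats edits to Assessment and Plan as more serious than edits elsewhere, in line with the rule that clinicians own those sections. Both notes are constructed samples, and the 25% threshold is an assumption a practice would tune during the pilot.

```python
from __future__ import annotations
import difflib

# Constructed sample: an AI draft and the note the clinician actually signed.
AI_DRAFT = {
    "Subjective": "Reports improved sleep and lower anxiety since last session.",
    "Objective": "PHQ-9 score 9. Affect brighter, speech normal rate.",
    "Assessment": "Major depressive disorder, improving.",
    "Plan": "Continue weekly CBT. Review medication adherence in 2 weeks.",
}
SIGNED_NOTE = {
    "Subjective": "Reports improved sleep and lower anxiety since last session.",
    "Objective": "PHQ-9 score 9 (down from 14). Affect brighter, speech normal rate.",
    "Assessment": "Major depressive disorder, single episode, moderate, improving; no current SI.",
    "Plan": "Continue weekly CBT. Review medication adherence in 2 weeks. Safety plan reviewed.",
}

# Sections where the clinician's judgment is the deliverable; edits here are
# weighted as high severity. Threshold is an assumed pilot setting.
CLINICIAN_OWNED = {"Assessment", "Plan"}
EDIT_THRESHOLD = 0.25


def edit_rate(draft: str, signed: str) -> float:
    """Fraction of token-level content that changed between draft and signed note
    (0.0 = identical, 1.0 = nothing in common)."""
    matcher = difflib.SequenceMatcher(None, draft.split(), signed.split())
    return 1.0 - matcher.ratio()


def severity(section: str, rate: float) -> str:
    if rate == 0.0:
        return "none"
    if rate > EDIT_THRESHOLD:
        return "high" if section in CLINICIAN_OWNED else "medium"
    return "low"


def score_note(draft: dict, signed: dict) -> list[dict]:
    """One discrepancy record per section, ready to be logged for the pilot review."""
    records = []
    for section in ("Subjective", "Objective", "Assessment", "Plan"):
        rate = edit_rate(draft.get(section, ""), signed.get(section, ""))
        records.append({
            "section": section,
            "edit_rate": round(rate, 3),
            "severity": severity(section, rate),
        })
    return records


def needs_escalation(records: list[dict]) -> bool:
    """A note with any high-severity edit goes to the supervisor review pile."""
    return any(r["severity"] == "high" for r in records)


if __name__ == "__main__":
    for r in score_note(AI_DRAFT, SIGNED_NOTE):
        print(f"{r['section']:<11} edit_rate={r['edit_rate']:.3f} severity={r['severity']}")
    print("escalate:", needs_escalation(score_note(AI_DRAFT, SIGNED_NOTE)))
```

Aggregating these records across the 10–30 pilot sessions gives the edit-rate distribution per section, which is a more useful signal than a single overall accuracy number: a tool that drafts Subjective well but routinely needs its Assessment rewritten saves less clinician time than the headline figure suggests.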
Security and technical controls checklist
- Encryption and keys: TLS in transit, AES-256 at rest; ask who manages the keys and whether customer-managed keys are offered.
- Access: RBAC, SSO, MFA for admins; session timeouts; rapid access revocation.
- Audit: immutable, exportable logs capturing access/export with timestamps/IPs; SIEM integration; alerts for anomalous access.
- Model handling: whether customer data trains models; opt-out; isolated inference or private models preferred.
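"Exportable logs" and "alerts for anomalous access" are only useful if someone defines what anomalous means for the practice. The block below is an added example, not from this guide or any vendor: it reads a small constructed JSON-lines audit log with the fields the checklist asks for (timestamp, user, action, IP, record count, MFA flag) and applies four defender-side rules: bulk exports, exports outside business hours, access from outside the practice's known networks, and administrative changes performed without MFA. The log format, field names, record threshold, business hours (in UTC) and the 203.0.113.0/24 network are all assumptions; a real vendor's export would be mapped to these fields first.

```python
from __future__ import annotations
import ipaddress
import json
from datetime import datetime

# Constructed sample audit log (JSON lines). IPs are documentation ranges.
SAMPLE_AUDIT_LOG = """\
{"ts": "2026-03-10T14:02:11Z", "user": "clinician1", "action": "note.view", "ip": "203.0.113.10", "records": 1, "mfa": true}
{"ts": "2026-03-10T14:05:40Z", "user": "clinician1", "action": "note.export", "ip": "203.0.113.10", "records": 3, "mfa": true}
{"ts": "2026-03-11T02:14:09Z", "user": "clinician1", "action": "note.export", "ip": "198.51.100.77", "records": 120, "mfa": true}
{"ts": "2026-03-11T09:30:00Z", "user": "admin1", "action": "retention.change", "ip": "203.0.113.10", "records": 0, "mfa": false}
"""

# Assumed practice settings: office network, working hours (UTC), bulk threshold.
ALLOWED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
BUSINESS_HOURS = (7, 19)          # alerts for exports/admin actions outside 07:00-19:00 UTC
BULK_EXPORT_RECORDS = 50
ADMIN_ACTIONS = {"retention.change", "user.create", "role.change"}


def parse_ts(value: str) -> datetime:
    # fromisoformat() only accepts a trailing "Z" from Python 3.11; normalize it.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def in_known_network(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_NETWORKS)


def evaluate_event(event: dict) -> list[str]:
    """Return the names of every rule a single audit event trips."""
    rules = []
    hour = parse_ts(event["ts"]).hour
    sensitive = event["action"].endswith(".export") or event["action"] in ADMIN_ACTIONS

    if event["action"].endswith(".export") and event["records"] >= BULK_EXPORT_RECORDS:
        rules.append("bulk_export")
    if sensitive and not (BUSINESS_HOURS[0] <= hour < BUSINESS_HOURS[1]):
        rules.append("off_hours")
    if not in_known_network(event["ip"]):
        rules.append("unknown_network")
    if event["action"] in ADMIN_ACTIONS and not event.get("mfa", False):
        rules.append("admin_without_mfa")
    return rules


def evaluate_audit_log(log_text: str) -> list[dict]:
    """Run every rule over each JSON line; one alert dict per (event, rule) pair."""
    alerts = []
    for lineno, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        event = json.loads(line)
        for rule in evaluate_event(event):
            alerts.append({"line": lineno, "user": event["user"], "rule": rule})
    return alerts


if __name__ == "__main__":
    for a in evaluate_audit_log(SAMPLE_AUDIT_LOG):
        print(f"line {a['line']}: {a['user']} -> {a['rule']}")
```

Each rule on its own produces noise (a clinician finishing notes late is not an incident); the value is in the combination, and the third event here trips three rules at once, which is the pattern worth routing to a SIEM alert and a same-day review.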
Upgrade criteria: free vs paid
Free trials often lack BAAs, deletion guarantees, and audit logs. Upgrade when you have a signed BAA, on-prem/private-cloud options, robust logging, EHR integrations, and support SLAs. Consider batch imports, templated prompts, and clinician sign-off flows.
Use cost-benefit signals: time saved per note, reduced backlog, billing accuracy. Confirm clinical quality and safety metrics before expanding use.
Documentation liability, clinical responsibility, and consent
Clinicians own assessments and plans. AI drafts must be reviewed, corrected, and signed. Update practice policies and, if appropriate, informed consent to reflect AI use. Sign/date AI-assisted notes, document major edits, and avoid storing re-identification maps in unsecured locations.
Resources, templates, and next steps
Assemble: de-id checklist, SOAP/DAP prompt templates, vendor vetting checklist, and a short trial protocol with success metrics. Run a 2–4 week pilot with de-identified data, capture time/accuracy metrics, and have compliance review the BAA and controls. If criteria are met, expand with regular checkpoints.
Evaluate HIPAA-aligned products—consider PsyFiGPT for SOAP/DAP workflows. Also see our guides on ChatGPT HIPAA compliance and TherapyFuel vs. PsyFiGPT for related context.