In most states, patients recording doctor visits do not need express permission to record. (See exceptions in next question.)
However, regardless of where you live, we recommend recording clinical conversations only after letting others know you’re recording, as a way to build trust and encourage clear communication. Some patients work together with their clinicians to record specific parts of a conversation, like follow-up instructions.
It is always legal to record a doctor’s visit if you have their consent to do so.
If you live in California, Delaware, Florida, Illinois, Maryland, Maine, Massachusetts, Montana, Nevada, New Hampshire, Pennsylvania, or Washington, it is illegal to record a doctor’s visit without consent.
If you live in other states, permission is not required. However, we always recommend getting your doctor or specialist’s permission before you begin recording clinical conversations.
Data is always transmitted via secure channels. For example, when you use Abridge to record a doctor’s visit, your data is encrypted in transit and at rest using the industry best practice encryption standards (e.g. S/MIME, X.509 certificates, TLS) to safeguard your information.
Specifically, data stored is encrypted at the storage level using AES-256. These data encryption keys are stored with the data, encrypted with (“wrapped” by) key encryption keys that are exclusively stored and used inside a secured Key Management Service. AppArmor (a Linux Security Module) security policies are applied to all the containers running the machine learning services. Data is protected as it travels over the internet during read and write operations using HTTPS. We use HIPAA compliant products and services for data storage and processing.
After you finish recording your doctor patient conversation, your audio is run through our machine learning algorithms to generate a transcript of medical mentions. That, as well as any additional information you choose to upload to your account, is securely stored on our servers.
In addition to using state-of-the-art security systems, we also have strict internal access-control policies to prevent privacy violations.
When you use the Abridge app to record doctor visits, you’re in control of your data. We will never share any information without your prior consent.
HIPAA stands for The Health Portability and Accountability Act. It’s a federal set of laws that helps you access your own data from healthcare providers and keeps it private.
All Abridge products use HIPAA compliant servers and products to protect your privacy. We are HIPAA-compliant everywhere we can be.
The Abridge app is a patient-facing tool that helps you record your own health information. While it does not fall under HIPAA regulation, we abide by HIPAA security principles to safeguard your data. However, some aspects of our telehealth solutions do involve providers and are fully HIPAA compliant as a result.
The evidence so far shows that patients want to record their doctor appointment conversations because they value your advice and want to hear it again, and share it with others that are important in their lives (Elwyn, Barr, and Grande 2015).
Patients who want to use the recording for legal purposes would probably not be asking for permission to record.
Yes, patients have a legal right to record. In fact, they do not need permission to record doctor visits in most states in the U.S. Laws will vary based on country. To find out more, read (Elwyn, Barr, and Castaldo 2017).
Yes, there are an increasing number of healthcare organizations that encourage patients to record doctor visits. In fact, Abridge has been recommended by doctors, nurses, and administrators at UPMC for the last year.