Intimate partner violence, therapy documentation, and cloud AI scribes

HIPAA and intimate partner violence: what 45 CFR 164.512(c) actually says

HIPAA contains a specific provision addressing disclosures related to victims of domestic violence, sexual assault, and other crimes. Unlike child abuse mandatory reporting — which imposes an obligation on therapists in all fifty states — the adult domestic violence provision in HIPAA (45 CFR 164.512(c)) is permissive at the federal level: it authorizes a covered entity to disclose protected health information to law enforcement about a patient the covered entity believes has been a victim of domestic abuse, but it does not require the disclosure.

The conditions on that permissive disclosure are specific. The covered entity must believe the patient is a victim of abuse, neglect, or domestic violence. The disclosure must be required by law, or the covered entity must believe the disclosure is necessary to prevent serious harm and the patient is unable to agree due to incapacity or the nature of the emergency. The covered entity must also, to the extent consistent with the patient's safety and law enforcement's investigation, inform the patient of the disclosure. A disclosure made without satisfying these conditions is an unauthorized use of PHI.

The practical consequence: in most non-emergency, voluntary outpatient therapy contexts, a therapist treating an IPV client is not required by HIPAA to report to law enforcement. The client controls whether law enforcement is involved. The therapist's documentation of the session — including the client's description of abuse, the safety assessment, the safety planning conversation, and the therapist's clinical reasoning — is generated and retained within the confidentiality framework the client relies on to disclose safely.

What HIPAA does not address is what happens when that session has been captured as audio by a cloud AI scribe whose vendor retains it as independent business records. The vendor holds that audio under its own retention policies — and the vendor's obligation to produce it in response to legal process is not governed by the therapist's confidentiality framework or by the HIPAA disclosure exception structure that applies to the covered entity.

State mandatory reporting variation for adult domestic violence

State mandatory reporting laws for adult domestic violence are not uniform. Unlike child abuse reporting — where all fifty states impose a mandatory obligation on mental health providers — adult DV mandatory reporting varies significantly by state, injury type, and provider category.

The California model: injury-based mandatory reporting

California Health and Safety Code Section 11160 requires healthcare providers — including licensed mental health providers in some interpretations — to report when they treat a patient for a wound or physical injury inflicted by a firearm or resulting from assaultive or abusive conduct. The obligation is tied to the physical injury presentation, not to the patient's disclosure of the relationship context. A therapist who is not treating a physical injury (in the ordinary outpatient mental health context) is not generally triggered by this provision — but the statute applies broadly to "health care providers," and a therapist who learns of recent physical injury may face questions about its scope. Other states have similar injury-based reporting triggers.

Weapon injury reporting requirements

Many states require reporting of injuries from firearms or other weapons, regardless of the perpetrator-victim relationship. A therapist in these states who learns in session that a client was injured by a weapon may face a reporting obligation independent of any DV-specific analysis. These statutes were designed for emergency room providers but in some states reach licensed outpatient health care providers broadly.

The majority framework: permissive reporting, not mandatory

Most states do not impose a mandatory reporting obligation on licensed therapists for adult domestic violence absent specific injury presentations. Many states have permissive reporting statutes — the provider may report to law enforcement when the provider believes the patient is in imminent danger, even without patient consent, but the decision is the provider's professional judgment call rather than a mandatory statutory duty. The clinician's documentation of that judgment is the clinical and legal record of the disclosure decision.

In all of these contexts, the documentation picture is the same: the therapist documents what the client said, the safety assessment, the reporting decision and its clinical basis, and the safety plan. This documentation is generated under the confidentiality framework that governed the session. What changes in the cloud AI scribe context is that the vendor independently holds the audio from which all of this was generated — and the vendor's response to legal process is not part of the same framework.

What a cloud AI scribe captures from IPV sessions

A cloud AI scribe captures the full session audio. In a session with an IPV client — whether the session is focused on crisis intervention, trauma processing, relationship history, or safety planning — that audio includes categories of content that carry specific safety implications if they reach the perpetrator.

Perpetrator identification

A client discussing their relationship will typically name the person who hurt them. The client will describe the perpetrator's physical characteristics, job, location, habits, and behavior patterns. In the context of a current active abusive relationship, this is exactly the identifying information that would allow the perpetrator to know they were discussed in session and to identify what the therapist knows.

Safety planning content

Safety planning is one of the most clinically important interventions for IPV clients, and it generates some of the most operationally sensitive documentation in any therapy practice. A safety plan addresses: where the client will go if they need to leave quickly (shelter names, family addresses, friend locations); what financial resources they have or have hidden; what identification documents they have secured; who knows about the situation and can help; what the perpetrator's likely response to departure will be; and what legal steps (protection order, police report) the client has taken or is considering.

This information is safety-enabling when it stays between the therapist and client. It is safety-defeating if it reaches the perpetrator. The client's name, the perpetrator's name, the shelter destination, the financial resources, the exit timeline — all of this appears in the session audio that a cloud AI scribe vendor retains independently.

Legal history and parallel proceedings

IPV clients frequently have parallel legal proceedings: active protection order applications, pending or anticipated divorce or custody cases, criminal proceedings. Sessions often include detailed discussion of these proceedings — what the client has filed, what the perpetrator has filed, what the client's attorney advised, what the client is afraid the perpetrator will argue in court. All of this becomes part of the vendor's session archive. In the very proceedings the client described in session, the vendor's archive may be reachable through discovery.

Civil subpoena and the vendor's independent archive

The specific risk created by the cloud AI scribe vendor's independent archive is most acute in civil proceedings — and domestic violence situations routinely generate civil proceedings. Protection order applications are civil. Divorce proceedings are civil. Child custody determinations are civil. Each of these proceedings involves a party adverse to the IPV survivor, whose attorney has the right to issue subpoenas for documents from third parties.

A subpoena directed at the cloud AI scribe vendor — in the vendor's jurisdiction, under the procedural rules of the proceeding — is a demand on the vendor's own records. The vendor's legal obligations in response to that subpoena are not the same as the therapist's. The therapist-patient privilege is an evidentiary protection that the client holds and can assert through counsel — and which the therapist can honor by not producing records absent a court order overriding it. But the privilege applies to the therapist's own records and to the therapist's own testimony. Whether and how it applies to compel a third-party vendor to withhold its own independently retained business records is a more complex question that varies by jurisdiction, by the scope of the state's therapist-patient privilege statute, and by whether the court determines the vendor's records are derivative of the therapist's protected communications or are the vendor's own separately originating records.

The adversarial party context

What makes the civil subpoena risk specifically acute for IPV clients is the identity of the adverse party. In a protection order proceeding, the adverse party is the person the client is seeking protection from. In a custody proceeding, the adverse party may be the abusive co-parent. The perpetrator's attorney issuing a subpoena to the cloud AI scribe vendor is seeking the same session content the client disclosed in therapy — including safety planning details, perpetrator descriptions, legal strategy discussions, and abuse history. A Business Associate Agreement between the therapist and the vendor does not prevent the vendor from responding to a court-issued subpoena directed at the vendor in the vendor's jurisdiction. The BAA governs the vendor's use and disclosure of PHI on HIPAA-regulated pathways — responding to valid legal process is a different pathway entirely.

The privilege assertion gap

A therapist whose own records are subpoenaed in a civil proceeding can work with the client's attorney to assert the therapist-patient privilege — file an objection, move to quash, require a court order before producing, and in some jurisdictions maintain the privilege even against court compulsion in highly sensitive categories. The privilege is not absolute, but the therapist can participate in the legal process as an advocate for the client's confidentiality interests because the subpoena runs to the therapist.

A subpoena directed to the vendor runs to the vendor. The vendor has its own legal counsel, its own risk calculus, and its own interests — which may not align with the client's confidentiality interests. The vendor must respond or move to quash in the vendor's jurisdiction. The client and therapist may not even receive notice of the subpoena in time to participate. And the vendor's motion to quash, if it files one, will rest on the vendor's own legal arguments — not on the therapist's professional privilege assertion on the client's behalf.

The safety planning documentation paradox

There is a paradox at the center of safety planning documentation in the cloud AI scribe context. Good safety planning requires specificity — a vague "have a plan to leave" is far less useful clinically than a detailed, concrete plan the client has walked through with the therapist. The more specific the plan, the better it works as clinical intervention. But the more specific the plan, the more operationally useful it is to anyone who can reach the documentation.

Therapists have always navigated this tension in documentation — balancing clinical completeness with the awareness that records can be subpoenaed. The standard guidance is to document the safety assessment, the client's level of risk, the interventions discussed, and the client's stated plan — without necessarily creating a verbatim record of every detail that would identify the specific shelter, the specific financial account, or the specific person the client plans to call. That documentation judgment is a clinical skill the therapist exercises.

The cloud AI scribe eliminates that documentation judgment for the session audio itself. The audio is verbatim. Whatever the client said about where they are going, who they are calling, and what they have already done is in the vendor's archive exactly as spoken. The therapist's clinical note — which might carefully balance completeness and operational specificity — is one record. The distinction between what a therapist documents and what the vendor independently retains is nowhere more consequential than in IPV safety planning sessions.

Law enforcement access and the dual-use disclosure framework

HIPAA's 45 CFR 164.512(c) addresses law enforcement access in the domestic violence context from the therapist's perspective. But law enforcement has multiple routes to information in an investigation — and some of those routes run through third-party vendors rather than through the covered entity.

Law enforcement can issue a subpoena or court order for a cloud AI scribe vendor's records without the therapist's knowledge or involvement. The vendor's response to law enforcement process is governed by its own privacy policies, its terms of service, and the legal requirements in its jurisdiction — not by the therapist's HIPAA obligations or the therapist's clinical judgment about whether disclosure is appropriate under 164.512(c). For IPV clients in situations where law enforcement involvement is contested — where the client has made an informed decision not to pursue a criminal complaint, for reasons of safety, immigration status, or personal autonomy — the vendor's response to a law enforcement subpoena can override the clinical framework the therapist was operating under.

This is not a hypothetical concern. Law enforcement subpoenas for cloud service provider records are a standard investigative tool — far more accessible, from a law enforcement perspective, than seeking records from a covered entity who can assert HIPAA protections. HIPAA's privacy framework creates meaningful protections when the demand runs through the covered entity. When the demand runs around the covered entity to a vendor, those protections depend on the vendor's legal posture — not the therapist's.

On-device processing: one custodian, one framework

On-device note generation does not resolve the clinical and legal complexity of IPV documentation — it eliminates the specific exposure created by the cloud AI scribe vendor's independent archive. When audio, transcript, and note draft are processed entirely on the therapist's Mac and never transmitted to a vendor's servers, no independent custodian holds the session content.

The safety planning conversation, the perpetrator identification, the housing destination, the financial details, the exit timeline — all of this exists in one place: the therapist's clinical record, subject to HIPAA, subject to state privilege law, and subject to the therapist's professional documentation judgment. There is no vendor archive to reach through civil subpoena. There is no third party whose legal response to a law enforcement demand is outside the therapist's control. There is no separately originating business record in a data center in a jurisdiction the client never chose.

This is an architectural guarantee, not a contractual one. A BAA obligates the vendor not to misuse PHI on HIPAA-regulated pathways — it does not prevent legal process, does not give the therapist control over the vendor's litigation choices, and does not cause the vendor's archive to stop existing. On-device processing means the vendor's archive does not exist because no transmission occurred. For IPV clients — whose safety may depend on safety planning information staying in a single, controlled custody location — the difference between one custodian and two is not a marginal privacy preference. It is a safety architecture question.