HIPAA AI SOAP note — drafted on your Mac, with no BAA required
If session audio never leaves the device, there is no vendor in the data flow — and therefore no vendor BAA to sign, audit, or worry about. That is the category TherapyDraft is building.
TL;DR
A "HIPAA AI SOAP note" usually means an AI scribe plus a Business Associate Agreement with whoever runs the AI. TherapyDraft takes a different route: the model runs on your Apple Silicon Mac, so your client's audio, transcript, and draft never reach any vendor — including us. No vendor access means no BAA is required in the first place. This is a compliance model based on architecture, not on paperwork.
Why clinicians ask this question
Most clinicians searching for a "HIPAA AI SOAP note" tool are in the same spot: they want the 90%-done draft that a modern LLM can produce, but they're uncomfortable with the line "your session audio is sent to our servers, protected by a BAA." A BAA is a legal instrument — it governs breach response, subprocessor disclosures, and liability allocation. It's necessary when a vendor handles PHI, but it does not, by itself, make the data flow safe. It makes the paperwork correct after a breach.
Clinicians working with high-sensitivity populations (trauma survivors, attorneys, executives, other therapists) often want an even stronger posture than "BAA plus vendor promise." They want to be able to answer the client's real question — does anyone else ever hear this? — with "no," not with a ninety-second explanation of subprocessor chains.
Two architectures for HIPAA-grade SOAP drafting
There are essentially two working architectures on the market today:
- Cloud scribe + BAA. The vendor records or ingests the session, transcribes it on their GPUs, drafts the SOAP note with an LLM (often rented from a subprocessor like OpenAI or Anthropic), stores the transcript and draft in their cloud, and you sign a BAA covering all of it. Mentalyc, Upheal, Blueprint, Freed, and Supanote all follow this pattern with minor variations.
- On-device scribe, no BAA. The model runs locally, on hardware you own. There is no third party touching PHI, so there is no vendor relationship that would trigger a BAA under 45 CFR 164.504(e). This requires Apple Silicon performance and a quantized 14B-parameter model — which has only become clinically viable in the last 18 months. TherapyDraft is this architecture.
Both models can plausibly claim "HIPAA AI SOAP note." The difference is where the trust sits: in the second model, there is simply less surface area that requires trust.
What "no BAA required" actually means
Under the HIPAA Privacy Rule, a BAA is required when a covered entity (you, the licensed clinician) shares PHI with a business associate (a vendor) so that the vendor can perform a function on the covered entity's behalf. If no PHI is shared with a vendor, no BAA is required — this is textbook. The relevant section is 45 CFR 164.502(e); HHS summarizes it on its BAA provisions page.
With TherapyDraft, the data that would normally flow to a vendor — audio, transcript, draft — never leaves your Mac. The only outbound traffic is Stripe license activation (no PHI) and an anonymous app-version check (no PHI). Stripe is already a well-known fit for tools like this; their relationship to you is as a payment processor, not as a PHI recipient.
How TherapyDraft enforces this
Promises are easy. Enforcement is the hard part. TherapyDraft relies on two layers of enforcement that a cloud scribe cannot offer:
- macOS sandbox entitlements. The app's network entitlement allow-lists only the two hostnames above — it physically cannot open a socket to anywhere else. You can verify this yourself by opening Activity Monitor's network pane while the app drafts a note.
- Tamper-evident inference log. Every inference writes a hash-chained JSONL entry locally — model ID, prompt hash, output hash, timestamp, device ID. If a client ever asks "prove the AI only ran on your machine," you can show the chain and the device ID it's anchored to.
Neither of these mechanisms requires trusting us. They're structural properties of the app you're running. Read the full technical detail on the privacy page.
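The hash-chained inference log described above, as an added illustration that is not TherapyDraft's own code: the page names the fields (model ID, prompt hash, output hash, timestamp, device ID) but not the on-disk format, so the JSONL layout, the field names, the genesis value and the chaining rule (each entry's hash covers its own fields plus the previous entry's hash) are assumptions here. The verifier shows what the chain actually proves: an edited, deleted or reordered entry, or an entry from a different device, breaks it.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first entry's prev_hash


def sha256_hex(text: str) -> str:
    return hashlib.sha256(text.encode("utf-8")).hexdigest()


def canonical(fields: dict) -> str:
    """Stable serialization so identical fields always hash identically."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":"))


def make_entry(prev_hash, model_id, prompt, output, device_id, ts):
    """One log entry; only hashes of prompt/output are stored, so no PHI lands in the log."""
    fields = {
        "model_id": model_id,
        "prompt_hash": sha256_hex(prompt),
        "output_hash": sha256_hex(output),
        "timestamp": ts,
        "device_id": device_id,
        "prev_hash": prev_hash,  # links this entry to the one written before it
    }
    fields["entry_hash"] = sha256_hex(canonical(fields))
    return fields


def verify_chain(jsonl_text, expected_device_id):
    """Walk the log and return (ok, reason); detects edits, deletions, reordering, foreign device."""
    prev = GENESIS
    for n, line in enumerate(jsonl_text.splitlines(), 1):
        entry = json.loads(line)
        claimed = entry.pop("entry_hash", None)
        if entry.get("prev_hash") != prev:
            return False, f"line {n}: broken link (entry missing or reordered)"
        if sha256_hex(canonical(entry)) != claimed:
            return False, f"line {n}: entry modified after it was written"
        if entry.get("device_id") != expected_device_id:
            return False, f"line {n}: entry from a different device"
        prev = claimed
    return True, "chain intact"


def build_sample_log(device_id="DEV-EXAMPLE-01"):
    """Constructed sample log: three local inferences on one device (hypothetical model ID)."""
    lines, prev = [], GENESIS
    for i in range(3):
        e = make_entry(prev, "local-14b-q4", f"session {i} transcript",
                       f"SOAP draft {i}", device_id, 1700000000 + i)
        lines.append(json.dumps(e, sort_keys=True))
        prev = e["entry_hash"]
    return "\n".join(lines)
```

Note that the chain proves integrity and ordering of what was logged, not that a given binary wrote it; binding it to the device ID is what lets you point a client at a specific machine.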
When a cloud scribe is still the right answer
On-device is not strictly better — it is different. Cloud scribes win on Windows support (TherapyDraft is Mac-only until late 2026), on team review workflows, and on the sheer model-size ceiling (a 70B cloud model will, on some sessions, produce a slightly cleaner draft than our quantized 14B). If your practice standardizes on Windows, or if you routinely need multi-clinician collaborative review of raw audio, a cloud scribe with a strong BAA is probably the right call today. See the side-by-side in the therapy AI scribe pricing comparison.
How to try TherapyDraft
The private beta opens this quarter for the first 100 solo practitioners on M-series Macs. Join the waitlist on the homepage — we'll email when your invite is ready. Pricing is flat: $39/mo solo or $29/seat/mo for groups of three or more, as laid out on the pricing page.
Related questions
Is "HIPAA-compliant AI" the same as "on-device AI"?
No. HIPAA-compliant is a regulatory status that a vendor can achieve by signing a BAA and meeting the Security Rule's safeguards. On-device is an architectural choice where no vendor is in the data flow. Most HIPAA-compliant AI scribes are cloud tools with BAAs; TherapyDraft is HIPAA-friendly for a different reason — there's no vendor to make a BAA with.
Do I still need to post a Notice of Privacy Practices?
Yes — the NPP is a standing obligation of every covered entity regardless of what tooling you use. TherapyDraft doesn't change what PHI you collect or how long you retain it; it only changes where AI inference happens.
What if a subpoena asks for my session audio?
The audio and transcripts live on your Mac, under your custody, and are subject to the normal rules that govern clinical records under your state's board. A cloud scribe's transcripts are subject to those rules plus any discovery that can be served on the vendor — generally a strictly larger surface.