Lawsuit over recorded visits
California residents sued an AI tool that records doctor visits, alleging confidential conversations were processed offsite without proper safeguards. The case sits at the crossroads of consent, state privacy law and expectations about medical confidentiality — and the issue has sparked wider social debate about hospital video recording and HIPAA risks. (arstechnica.com (x.com))
Three California patients filed a proposed class action in federal court on April 8 accusing Sutter Health and MemorialCare of using Abridge to record doctor visits without clear consent. The suit says private medical conversations were captured and sent offsite for transcription and note-making. (arstechnica.com) (legalnewsfeed.com) The tool at the center of the case is an “ambient listening” system, which works like a digital scribe left running in the exam room. Abridge says its software turns patient-clinician conversations into draft clinical notes for the medical record. (abridge.com) (it.johnshopkins.edu) Hospitals like these tools because doctors spend hours typing after visits, and the software promises to turn speech into chart notes automatically. Kettering Health says Abridge records the conversation through a phone app, creates a structured summary, and sends it into Epic, the medical record system many hospitals use. (ketteringhealth.org) (athenahealth.com) The lawsuit is not claiming that making notes is illegal by itself. It says the recording happened first, and in California that step can trigger a stricter rule than many people expect. (arstechnica.com) (privacyrights.org) California is an all-party consent state for confidential communications, which means everyone in a private conversation usually has to agree before it is recorded. Penal Code section 632 bars recording a confidential communication without the consent of all parties. (california.public.law) (privacyrights.org) That is why this case is about more than the word “artificial intelligence.” If a doctor uses software that listens, saves audio, or sends a transcript to another company, the legal fight can turn on notice, consent, and whether the patient understood what was happening in the room. (arstechnica.com) (healthmanagement.org) The federal health privacy law, the Health Insurance Portability and Accountability Act, does not simply ban outside vendors from touching patient data. The Department of Health and Human Services says hospitals can share protected health information with a business associate if that company is doing work on the hospital’s behalf and is bound to safeguard the data. (hhs.gov) (ecfr.gov) Abridge says its enterprise product is “100% Health Insurance Portability and Accountability Act compliant,” which is the company’s answer to the offsite-processing fear. But a HIPAA setup and a California consent rule are two different questions, so a hospital can still face a state-law fight even if the vendor says its system is compliant. (support.abridge.com) (hhs.gov) (california.public.law) This is also not the first case of its kind. Sharp HealthCare was sued in late 2025 over similar allegations that Abridge recorded patient conversations without proper consent, which means California courts may see a wave of cases testing the same basic question in different hospital systems. (healthexec.com) (mobihealthnews.com) The social argument underneath the lawsuit is simple: patients walk into an exam room expecting a closed-door conversation, not a microphone connected to a software pipeline. Hospitals adopted ambient scribes to cut paperwork, and now courts may decide how explicit the warning has to be before that convenience is legal in California. (arstechnica.com) (ama-assn.org)
