Feelpath Logo
Back to clinician library

Feelpath's data handling practices

A clinician-friendly explanation of what gets saved, who can see it, what you can use or leave off, and what to do when transcripts are incomplete or wrong.

The stance

In therapy, privacy is not a feature. It is the condition that makes the work possible.

This page explains the practical privacy questions clinicians and clients actually ask: what gets saved, who can see it, what you can use or leave off, and how to keep trust central.

If you need formal policy language for your setting, start with Privacy overview.

First principle: you can use Feelpath without transcripts

Feelpath can be used as a telehealth room with Insights turned off. Transcripts and after-session reflection tools are there when you want them.

Clinically, this matters because “no” needs to be a stable option. If a client declines transcripts, the session can still proceed normally.

Consent choices at session start

Before a session, you may see checkboxes like:

  • Save my transcript for Insights
  • Share my transcript with my therapist

These choices control what Feelpath saves and who can access it inside the platform.

By default, these options are turned on. That is because transcript based reflection is where most of the value comes from. Consent is still explicit, and you can turn these off.

If you want the checkbox meanings spelled out, see ROI and disclosures.

What can be saved

In general, there are three buckets:

  • Session metadata: basic session details (for example, start/end times and participants).
  • Session transcript: who said what when, if transcripts are enabled and saved with consent.
  • Session reflections: outputs created from the transcript (for example, highlights or summaries) when those features are enabled.

Who can see what

In Feelpath, visibility depends on consent choices.

If Insights are off, your transcript is not saved or analyzed, and no Insights are generated. The session still runs normally.

If a transcript is saved for Insights, that transcript can be used to generate post session reflections inside the account that owns it.

If a client chooses “Share my transcript with my therapist,” the therapist can view the transcript inside Feelpath. If they do not choose that, the therapist does not have access to the client’s transcript through Feelpath.

Consent is meant to be specific and revisitable: yes today, no next time (or the reverse).

Further reading: What does consent mean in Feelpath.

Sharing and revocation

Sharing is always your choice.

If something is shared, access can be revoked later.

When sharing is revoked, access ends immediately inside the app.

AI and OpenAI ZDR

If you enable transcript based reflection features, we use OpenAI with Zero Data Retention.

Your content is processed to produce the output. It is not retained by the provider, and it is not used to train models.

If you want the longer, diagram-based explanation, see Where your privacy starts.

What if the transcript is wrong

Unless you are reviewing everything, it is wise to expect there will be some inaccuracies. Transcripts can be incomplete, misheard, or missing context.

The safest stance is to use them as a memory aid, and keep any reflection outputs tied back to excerpts you can inspect. If something looks wrong or sensitive, it should be correctable or removable.

Editing, redaction, and deletion

Each person can edit or redact only their own words.

If a person redacts their text, the redacted text is removed. We do not keep an old copy of the redacted text.

We keep an internal record that an edit happened. This is meant to support accountability without preserving sensitive content.

Audit logs and accountability

In clinical systems, “who accessed what” matters. Feelpath maintains HIPAA-grade audit logging designed to support accountability and review.

Retention

Information is stored until it is deleted.

Bottom line

Feelpath is designed to be usable in real clinical life: Insights off when needed, transcript tools only with consent, reflection outputs that can be checked, and controls that keep trust central.