Published on: | by

Your AI Scribe Is Listening. Is Your Compliance Program?

Ambient AI scribes are transforming healthcare at a speed the industry hasn’t seen since the EHR mandate. Kaiser Permanente reports that AI scribes saved its physicians the equivalent of 1,794 working days in a single year across 2.5 million patient encounters, with 84% of physicians reporting improved patient interactions. Spending on ambient scribe technology grew 2.4x in 2025 alone, generating an estimated $600 million in revenue, with market leaders Nuance DAX Copilot, Abridge, and Ambience Healthcare commanding the lion’s share. The U.S. AI medical scribing market—valued at roughly $397 million in 2024—is projected to reach nearly $3 billion by 2033.

The technology works. Physicians love it. Patients often do too. But here’s the problem: the law hasn’t caught up, and providers are deploying these tools faster than they’re building the compliance infrastructure to support them.

The result? Class action lawsuits, regulatory scrutiny, and the very real possibility that the technology meant to reduce burnout could become a new vector for institutional liability.

The Sharp Healthcare Nightmare Lawsuit

In November 2025, a patient named Jose Saucedo filed a proposed class action against Sharp HealthCare in San Diego Superior Court, alleging that Sharp used Abridge’s ambient AI documentation tool to record clinical encounters without patient consent. The complaint claims Sharp violated California’s all-party consent wiretapping statute (CIPA) and the Confidentiality of Medical Information Act (CMIA) by capturing physician-patient conversations and transmitting audio to a third-party vendor’s cloud servers, where vendor personnel could allegedly access it.

The most alarming allegation? Sharp’s EHR notes reportedly contained boilerplate language stating patients had been “advised” of and “consented” to the recording—when, according to the complaint, no such advisement or consent ever occurred. In other words, the AI-generated documentation may have fabricated its own consent trail. The plaintiff’s attorneys estimate that over 100,000 patient encounters may have been recorded during the rollout.

Sharp is not alone. A similar action against Heartland Dental alleged wiretapping violations tied to ambient scribe deployment. While a federal court in Illinois dismissed the wiretapping claims in January 2026 under the “ordinary course of business” exception, it acknowledged the plaintiffs’ standing on other grounds and left the door open for refiling.

The Compliance Gap Is the Risk

Ambient scribe technology is not inherently unlawful. Properly implemented, it can be fully compliant with HIPAA, state wiretapping laws, and emerging AI transparency requirements. The problem is that “properly implemented” demands more than flipping on a software switch.

Here’s what we’re seeing in the field:

  • Consent workflows that don’t actually work. Many health systems rely on cursory verbal mentions or—worse—auto-generated consent language in EHR templates that patients never actually heard. The Sharp lawsuit exposed this as a ticking time bomb.
  • Vendor contracts that shift all risk to the provider. Most ambient scribe vendor agreements are structured to place consent, notification, and compliance obligations squarely on the healthcare entity—while the vendor retains broad rights to access, process, and retain audio data. If a contract is already executed on unfavorable terms, the compliance overlay becomes even more critical.
  • State-by-state consent patchwork. Thirteen states, including California, Florida, and Massachusetts, require all-party consent to record conversations. The remaining states allow one-party consent.

But that is just under standard “wire-tapping” statutes. It gets more complicated in healthcare. Healthcare specific laws exist, such as laws requiring written consent before recording behavioral health encounters. And, that’s before we even get to professional ethics and licensure requirements.

A multi-state health system using a single ambient scribe workflow could be compliant in one jurisdiction and committing a felony in another.

  • AI “hallucinations” in the medical record. If an AI scribe fabricates or distorts clinical content—a documented phenomenon—and a physician signs off without adequate review, the provider bears malpractice exposure. This is not theoretical. It is an emerging risk category that malpractice carriers are actively flagging.
  • Emerging state AI transparency laws. California’s AB 3030, effective January 1, 2025, requires healthcare providers using generative AI to include disclaimers in patient communications and provide instructions for contacting a human provider. Utah and Colorado have enacted their own AI disclosure requirements. More states will follow.

What Smart Providers Are Doing Now

The organizations getting this right aren’t waiting for litigation or regulation to force their hand. They’re building compliance into the deployment from day one—before they switch on the microphone.

At HLP, we’ve been actively assisting healthcare providers with ambient scribe implementation and compliance, including developing tailored compliance packages that address consent protocols, vendor contract risk allocation, state-specific recording laws, HIPAA business associate obligations, AI transparency requirements, and clinical documentation governance. The stakes are too high—and the legal landscape too unsettled—to treat this as a standard IT rollout.

The Bottom Line

Ambient AI scribes are here to stay. The clinical upside—reduced burnout, better documentation, more face time with patients—is genuine and substantial. But the providers who will benefit most are those who recognize that a powerful clinical tool also creates a powerful compliance obligation.

If your organization is deploying or considering ambient scribe technology, the time to build the compliance framework is *before* you hit record—not after you get served.

* * *

For guidance on ambient AI scribe implementation, vendor contract review, HIPAA compliance, and state-specific consent requirements, contact Clinton Mikel, Esq. at cmikel@thehlp.com or (248) 996-8510, or contact your regular HLP attorney at The Health Law Partners, P.C. 

Contact Information
Detroit
32000 Northwestern Hwy #240
Farmington Hills, MI 48334
P (248) 996-8510 F (248) 996-8525

The Health Law Partners, P.C.

New York City
5 Franklin Pl #9C
New York, NY 10013
P (212) 734-0128 F (917) 210-2952

This is an attorney advertisement.

We serve the following localities: Alpena County, Alpena, Bay County, Auburn, Bay City, Essexville, Pinconning, Berrien County, Benton Harbor, Berrien Springs, Buchanan, Coloma, Niles, St. Joseph, Stevensville, Watervliet, Calhoun County, Albion, Battle Creek, Marshall, Charlevoix County, Boyne City, Charlevoix, East Jordan, Cheboygan County, Cheboygan, Crawford County, Grayling, Eaton County, and Bellevue. [ View More ]

This is an attorney advertisement.

Branding by Zoyes Creative

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please do not include any confidential or sensitive information in a contact form, text message, or voicemail. The contact form sends information by non-encrypted email, which is not secure. Submitting a contact form, sending a text message, making a phone call, or leaving a voicemail does not create an attorney-client relationship.

Copyright © 2026, The Health Law Partners, P.C.
JUSTIA Law Firm Blog Design