If you have ever typed something into a mental-health app that you would not say out loud, you already understand why privacy here is different. The notes you share with an AI therapy or mental-health tool — how you slept, what you are afraid of, the thought you can’t shake — are among the most sensitive data a person can produce. So the honest question isn’t just “does this help?” but “where does what I say actually go, and who can see it?”
This is a guide to privacy in AI mental-health tools: the real risks, what the law does and doesn’t cover, the questions worth asking before you trust an app, and how privacy-by-design should work. It is the data-and-confidentiality side of AI therapy specifically — if you want the broader picture, see our guide to traditional therapy versus AI therapy.
Why mental-health data is uniquely sensitive
Most privacy advice treats all personal data the same. Mental-health data isn’t. Under the EU’s GDPR, “data concerning health” is special-category data — a protected class that may not be processed without a specific legal condition such as your explicit consent (GDPR Article 9). The UK’s data regulator puts the reason plainly: details about a person’s mental health “are likely to be much more sensitive” than, say, a broken leg, because of the potential for stigma and discrimination (UK Information Commissioner’s Office).
That sensitivity is also why a privacy failure here does more than embarrass. If people fear their disclosures could leak — to an advertiser, an employer, an insurer — they share less, and incomplete information makes support less effective. A scoping review of the ethics of conversational AI in mental health found that privacy and confidentiality were the single most-discussed ethical concern, raised in 61.4% of the 101 studies reviewed (Rahsepar Meadi and colleagues, JMIR Mental Health, 2025). It is the field’s central worry for good reason.
The real privacy risks in AI mental-health tools
The risks are not hypothetical, and they are not mainly about dramatic hacks. The bigger pattern is sensitive data being shared, retained, or repurposed in ways users never expected.
- Sharing with third parties for advertising. This is the documented, headline risk. In 2023 the US Federal Trade Commission acted against the online-counseling service BetterHelp for disclosing the email addresses, IP addresses, and mental-health questionnaire responses of about 5.6 million people to Facebook, Snapchat, Criteo, and Pinterest for targeted advertising — after promising to keep that information private. BetterHelp agreed to pay $7.8 million in consumer refunds, the FTC’s first such return of money for compromised health data (FTC, 2023).
- Weak privacy across the category. When the Mozilla Foundation reviewed mental-health and prayer apps for its Privacy Not Included guide, it flagged 28 of 32 apps with a privacy warning, and 25 of 32 failed its minimum security standards (Mozilla Foundation, 2022). A 2023 follow-up found modest improvement but still issued warnings to most apps reviewed (Mozilla Foundation, 2023).
- Conversations used to keep you engaged — and to train models. The American Psychological Association has warned that some general-purpose and “companion” chatbots are designed to maximise engagement so user data can be mined, and has urged regulators to scrutinise tools that pose as therapists (APA Services, 2025). Separately, the APA notes the FTC’s concern about firms using sensitive customer data to train AI models without clear consent (APA, 2024).
- Storage and re-identification. Anything retained can be breached, subpoenaed, or — even when “anonymised” — re-linked to a person from surrounding detail. The safest data is the data that was never stored in the first place.
A related concern is what the tool infers, not just what it stores. Systems that read tone, sentiment, or distress from your words create new sensitive data about you — which is worth understanding before you opt in (more on that in our piece on AI emotion recognition in mental health).
Does HIPAA or GDPR actually protect you here?
A common and costly assumption is that “health app” means “HIPAA-protected.” In the US, it usually does not. HIPAA applies to covered entities (health plans, healthcare clearinghouses, and healthcare providers that transmit health information electronically for certain standard transactions) and to the business associates that handle protected health information on their behalf. A direct-to-consumer wellness or mental-health app you download yourself is generally not covered unless it is offered by, or working on behalf of, one of those entities (US Department of Health and Human Services / FTC guidance).
That gap is exactly why the FTC has stepped in under the FTC Act and under its Health Breach Notification Rule, which it updated in 2024 to make explicit that the rule reaches health apps and similar services not covered by HIPAA, requiring them to notify affected users, the FTC and, for larger incidents, the media when identifiable health data is acquired or disclosed without authorisation (FTC, 2024). In the EU and UK, GDPR’s special-category rules (above) apply regardless of whether a tool calls itself “medical.” The practical takeaway: the label on the app tells you little; the privacy policy and the company’s actual practices tell you everything.
Eight questions to ask before you trust a mental-health app
You don’t need to read a privacy policy like a lawyer. A handful of pointed questions surface most of what matters.
| Ask | What a good answer looks like |
|---|---|
| Is my data ever sold or shared for advertising? | A clear, unqualified no. |
| Are my conversations used to train AI models? | Not without separate, explicit, opt-in consent. |
| Does a human ever read what I write? | No — except where the law genuinely requires it. |
| Is my data encrypted in transit and at rest? | Yes, both — as a baseline, not an upgrade. |
| Can I delete everything, permanently? | Yes, on demand, with a stated deadline by which backups are purged as well. |
| Can I use it without my chat being stored at all? | An off-the-record option exists. |
| Who is the company, and how do they make money? | A subscription — not your data. |
| What happens to my data if the company is sold? | Stated plainly, with your data protected or deletable. |
If a tool is vague on any of these, that vagueness is itself the answer. (For more on what to look for in an AI mental-health tool generally, see our common questions about AI mental-health support.)
What privacy-by-design should look like
Good privacy isn’t a promise bolted on at the end; it is built into how a system handles data. A few principles separate genuinely private tools from the rest:
- Data minimisation. Collect and keep as little as possible. Data that doesn’t exist can’t leak.
- Encryption in transit and at rest, with the keys that decrypt data kept isolated from where the data is stored (in a separate key service or hardware module, not in a column of the same database), so a copy of the storage alone is unreadable and a breach of one side doesn’t hand over the other.
- No human eyes on conversations by default, and no sale or ad-sharing of personal data — ever.
- User control: the ability to delete everything, and an off-the-record option for conversations you’d rather leave no trace.
- Aggregate-only for any organisation. Where a workplace offers an AI wellbeing tool, the employer should see only group-level trends with a minimum group size — never one person’s words or scores.
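The key-isolation point is easiest to see in code. The Go program below is an added example written for this article, not code from any product mentioned on this page. It uses envelope encryption: each conversation is encrypted under its own random data key with AES-256-GCM, and that data key is in turn wrapped by a key-encryption key that lives only inside a separate key service (standing in for a KMS or HSM) and is never written next to the data. A dump of the stored records, wrapped keys included, is useless without that service, and any tampering with a record fails authentication. The type and function names (`KeyService`, `StoredRecord`, `Seal`, `Open`) are illustrative.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyService stands in for a KMS or HSM. It holds the key-encryption key (KEK)
// and exposes only wrap/unwrap; the KEK never leaves it and is never stored
// alongside the conversations it protects. (Illustrative name and shape.)
type KeyService struct {
	kek []byte
}

// NewKeyService generates a fresh 256-bit KEK. A real key service would load
// this from an HSM or sealed key store rather than generate it at startup.
func NewKeyService() (*KeyService, error) {
	kek := make([]byte, 32)
	if _, err := rand.Read(kek); err != nil {
		return nil, err
	}
	return &KeyService{kek: kek}, nil
}

// StoredRecord is everything the database holds for one conversation.
// Neither field is useful without the KeyService.
type StoredRecord struct {
	WrappedDEK []byte // per-record data key, encrypted under the KEK
	Ciphertext []byte // nonce || AES-GCM ciphertext of the conversation
}

// aeadSeal encrypts with AES-256-GCM under key and prefixes the random nonce.
func aeadSeal(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// aeadOpen reverses aeadSeal; a wrong key or any modified byte fails the tag check.
func aeadOpen(key, blob []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(blob) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, blob[:gcm.NonceSize()], blob[gcm.NonceSize():], nil)
}

// WrapKey and UnwrapKey are the only operations the key service offers.
func (k *KeyService) WrapKey(dek []byte) ([]byte, error)       { return aeadSeal(k.kek, dek) }
func (k *KeyService) UnwrapKey(wrapped []byte) ([]byte, error) { return aeadOpen(k.kek, wrapped) }

// Seal encrypts one conversation under a fresh data key (DEK), then wraps the
// DEK so that only the key service can ever recover it.
func Seal(ks *KeyService, plaintext []byte) (StoredRecord, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return StoredRecord{}, err
	}
	ct, err := aeadSeal(dek, plaintext)
	if err != nil {
		return StoredRecord{}, err
	}
	wrapped, err := ks.WrapKey(dek)
	if err != nil {
		return StoredRecord{}, err
	}
	return StoredRecord{WrappedDEK: wrapped, Ciphertext: ct}, nil
}

// Open asks the key service to unwrap the DEK, then decrypts the conversation.
func Open(ks *KeyService, rec StoredRecord) ([]byte, error) {
	dek, err := ks.UnwrapKey(rec.WrappedDEK)
	if err != nil {
		return nil, fmt.Errorf("unwrap data key: %w", err)
	}
	return aeadOpen(dek, rec.Ciphertext)
}

func main() {
	ks, _ := NewKeyService()
	rec, _ := Seal(ks, []byte("I haven't slept properly in a week")) // constructed sample message
	fmt.Printf("database holds %d ciphertext bytes and a %d-byte wrapped key\n", len(rec.Ciphertext), len(rec.WrappedDEK))

	// A stolen dump carries wrapped keys but no KEK: another key service cannot unwrap them.
	other, _ := NewKeyService()
	_, err := Open(other, rec)
	fmt.Println("decrypt from dump alone:", err)

	pt, _ := Open(ks, rec)
	fmt.Println("decrypt via key service:", string(pt))
}
```

The separation that matters is operational as much as cryptographic: the database tier can read and write `StoredRecord` values but holds no key that opens them, and the key service can open keys but never sees the database. Compromising either one alone yields no conversations.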
This is the standard aidx.ai, an award-winning AI coaching and therapy service, is built to. Conversations are encrypted in transit and at rest, with decryption isolated from storage; no human reads your conversations; data is never sold or shared; and you can delete everything at any time. An Incognito toggle, a switch you can turn on within any conversation, keeps that chat out of the database entirely: messages are held in temporary cache and forgotten after 30 minutes, leaving no stored record. For organisations that offer Aidx to their people, only aggregate, anonymised wellbeing signals are ever shown, and nothing is reported for a group smaller than three, so no single person’s words or scores are ever shown on their own.
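The minimum-group-size rule in the last two paragraphs hides a trap that is better shown than stated: if a small team is suppressed but the organisation-wide average is still published, the suppressed team’s mean can be recovered by subtraction. The Go program below is an added example written for this article, not code from Aidx or any other product. The team names and wellbeing scores are constructed, and the threshold `k`, the `BuildReport` and `RecoverSuppressed` functions and the “Other” bucket are illustrative choices. It demonstrates the naive leak, then a report that pools small teams into “Other” only when the pool itself meets the threshold and withholds the organisation total otherwise.

```go
package main

import (
	"fmt"
	"sort"
)

// Score is one person's wellbeing score tagged with their team.
// Constructed for this example; the scale is arbitrary.
type Score struct {
	Team      string
	Wellbeing float64
}

// GroupStat is what a report may show for a group: head count and mean.
type GroupStat struct {
	N    int
	Mean float64
}

// Report is the organisation-facing view. Teams below the threshold are absent;
// their members appear only pooled under "Other", and only if that pool itself
// meets the threshold. OrgTotal is nil whenever publishing it would let a reader
// recover a suppressed group by subtraction.
type Report struct {
	Groups   map[string]GroupStat
	OrgTotal *GroupStat
}

func stat(sum float64, n int) GroupStat { return GroupStat{N: n, Mean: sum / float64(n)} }

// BuildReport applies minimum-group-size suppression with threshold k and
// guards against the complementary (subtraction) disclosure.
func BuildReport(scores []Score, k int) Report {
	sums := map[string]float64{}
	counts := map[string]int{}
	var orgSum float64
	for _, s := range scores {
		sums[s.Team] += s.Wellbeing
		counts[s.Team]++
		orgSum += s.Wellbeing
	}
	rep := Report{Groups: map[string]GroupStat{}}
	var residualSum float64
	residualN := 0
	for team, n := range counts {
		if n >= k {
			rep.Groups[team] = stat(sums[team], n)
		} else {
			residualSum += sums[team] // too small to show alone: pool it
			residualN += n
		}
	}
	if residualN >= k {
		rep.Groups["Other"] = stat(residualSum, residualN)
	}
	// If some people were suppressed and could not be pooled, the org total
	// would reveal them: total minus the published groups is exactly their mean.
	if residualN == 0 || residualN >= k {
		total := stat(orgSum, len(scores))
		rep.OrgTotal = &total
	}
	return rep
}

// RecoverSuppressed shows the leak a naive report permits: from an org-wide
// total and every published group, the single missing group's mean falls out.
func RecoverSuppressed(orgTotal GroupStat, published map[string]GroupStat) (GroupStat, bool) {
	sum, n := orgTotal.Mean*float64(orgTotal.N), orgTotal.N
	for _, g := range published {
		sum -= g.Mean * float64(g.N)
		n -= g.N
	}
	if n <= 0 {
		return GroupStat{}, false
	}
	return stat(sum, n), true
}

func main() {
	// Constructed sample: team C has only two people, below a threshold of 3.
	scores := []Score{
		{"A", 7}, {"A", 8}, {"A", 6}, {"A", 9},
		{"B", 5}, {"B", 6}, {"B", 7},
		{"C", 2}, {"C", 4},
	}
	rep := BuildReport(scores, 3)
	teams := make([]string, 0, len(rep.Groups))
	for t := range rep.Groups {
		teams = append(teams, t)
	}
	sort.Strings(teams)
	for _, t := range teams {
		fmt.Printf("%s: n=%d mean=%.2f\n", t, rep.Groups[t].N, rep.Groups[t].Mean)
	}
	fmt.Println("org total published:", rep.OrgTotal != nil)

	// What a naive report that always shows the org total would have given away.
	var sum float64
	for _, s := range scores {
		sum += s.Wellbeing
	}
	leaked, ok := RecoverSuppressed(stat(sum, len(scores)), rep.Groups)
	fmt.Printf("team C recovered from naive report: ok=%v n=%d mean=%.2f\n", ok, leaked.N, leaked.Mean)
}
```

The same subtraction works across time as well as across groups: two consecutive reports on a team whose membership changed by one person differ by exactly that person’s contribution, so a production implementation also needs to apply the threshold to the difference between reporting periods, not only to each period on its own.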
None of this removes the need to choose carefully. Privacy is a practice, not a slogan — and the right tool earns trust by making the private thing genuinely private.
Last reviewed: June 2026. This article is general information about data privacy and AI mental-health tools, not legal, medical, or professional advice. If you are struggling with your mental health, consider speaking with a qualified professional. If you are in crisis or may be at risk of harming yourself, contact your local emergency services or a crisis line right away — in the US, call or text 988 (Suicide & Crisis Lifeline); in the UK and Ireland, call Samaritans on 116 123.