Blogs · July 2026
What happens to patient data when an AI answers the phone?
You stay the controller, the supplier is your processor, and there are things the law requires before you switch anything on. Here they are, in plain English.
The short answer: the data stays yours, and so does the legal responsibility. The supplier is there to process it on your instructions, not to own it. In the law's words, your practice is the controller and the supplier is your processor, and that comes with three things you have to do before you switch anything on: sign the right contract, assess the risk, and tell callers if you are recording them. Outsourcing the phone does not outsource the liability.
The three words that decide everything
Controller. Under UK GDPR, the controller "determines the purposes and means" of the processing. That is you. You decide the agent answers your phone, what it does, and why.
Processor. A processor "processes personal data on behalf of the controller". That is your AI supplier.
Liability. Here is the part suppliers gloss over. The Information Commissioner's Office is clear that if a processor steps outside your instructions and starts deciding the purpose and means itself, "it will be considered to be a controller in respect of that processing and will have the same liability as a controller". But while it is acting on your instructions, you are the one accountable to your patients.
What the law actually requires before you switch it on
Not "best practice". Requirements.
1. A written contract, before a single call
In plain terms: you cannot just hand your calls to a supplier on a handshake. The law (Article 28 of the UK GDPR) says the arrangement "shall be governed by a contract", and the Information Commissioner's Office lists eight things it has to cover:
- processing only on your documented instructions
- a duty of confidence
- appropriate security measures
- rules on using sub-processors
- helping you handle patients' rights requests
- assisting you generally
- what happens at the end: deletion or return of the data
- audits and inspections
No contract means you are already in breach, before anything has gone wrong.
2. A risk assessment, before you go live
A Data Protection Impact Assessment, or DPIA, is a written check of what could go wrong for the people whose data you are handling, and what you are doing about it. It is required where processing "is likely to result in a high risk" to people's rights, and it must be done before the processing starts, not afterwards.
Does an AI agent trigger it? On the ICO's own list, "innovative technology... including AI" requires a DPIA when combined with another risk criterion, and one of those criteria is sensitive data or data of a highly personal nature. For a dental practice handling patient health data, that is both boxes ticked. Do the DPIA. It is not a formality you can catch up on later.
3. Tell callers if you are recording them
If calls are recorded or transcribed, people have to be told at the point of collection. This is where organisations come unstuck. The ICO reprimanded a police force over an app that silently saved more than 200,000 recordings of phone conversations, finding the processing unfair and unlawful because "people were not informed that their conversations with officers were being recorded".
4. Decide how long you keep it, and actually delete it
Data must be kept "no longer than is necessary". Recordings hoarded forever "just in case" is the classic failure, and it is the one that turns a small incident into a large one.
Dental and veterinary are not the same here, and beware anyone who says they are
This matters, and most vendors get it wrong.
Dental: patient health data is special category data. UK GDPR defines data concerning health as personal data about a person's physical or mental health, including the provision of health care services. Article 9 prohibits processing it unless you meet one of a set of conditions, so you need a lawful basis under Article 6 and a separate Article 9 condition (usually health or social care, under Schedule 1 of the Data Protection Act 2018), which generally means holding an Appropriate Policy Document.
Veterinary: an animal's clinical record is not special category data. The definition applies to a natural person. Your client's name, number and payment details are ordinary personal data, and they still deserve care and still fall under UK GDPR, but the Article 9 machinery above does not apply in the same way.
So a veterinary practice has a lighter legal load than a dental one on this specific point. Anyone who sells you one identical compliance story for both has not read the definitions.
The professional duties do not go away either way. The GDC requires you to "protect the confidentiality of patients' information", to keep it "secure at all times", and it explicitly extends that duty to non-registered members of the dental team and to recordings. The RCVS says a vet "should not disclose to any third party any information about a client or their animal", that the duty "includes support staff", and that client personal data must be handled in line with data protection law.
An AI agent answering your phone is, in that sense, just another member of the team who has to be held to the same standard.
The automated decisions question, and why most articles about it are out of date
You will read a lot about "Article 22" and solely automated decisions. Be careful: that law changed. The Data (Use and Access) Act 2025 replaced Article 22 with Articles 22A to 22D. Anyone still quoting Article 22(4) at you in 2026 is working from an old copy, and some pages have not caught up.
What the new wording says: a decision is based solely on automated processing "if there is no meaningful human involvement", and a significant decision is one producing "a legal effect... or a similarly significant effect". Where such a decision involves health data, it may not be taken solely automatically except in narrow circumstances, and people must be able to obtain human intervention, make representations, and contest it.
In practice: an agent that books an appointment, gives your opening hours or quotes your published fee is almost certainly nowhere near a "significant decision". An agent that starts to refuse, triage, prioritise or deny someone access to care is a different animal entirely, and ours does not do that. Anything clinical, and anything urgent, goes to a human on your team.
The ICO's guidance on this is currently in draft and out for consultation, so treat this as a moving area and keep a human in the loop for anything consequential.
What can actually go wrong
Two real cases, and note who got punished in each.
The ICO fined Advanced Computer Software Group £3.07 million after a ransomware attack. Advanced is a supplier that processes personal information on behalf of the NHS and other healthcare providers. The attackers got in through a customer account without multi-factor authentication. The Commissioner's words: the security measures "fell seriously short of what we would expect from an organisation processing such a large volume of sensitive information".
And a practice can be on the hook too: the ICO reprimanded a GP practice in December 2025 for sending 23 years of a terminally ill patient's medical records to an insurer, when five years had been asked for.
The lesson from both: ask your supplier hard questions about security, and be careful what data leaves your building.
The questions to ask any AI supplier
- Will you sign an Article 28 contract, with all eight clauses?
- Will you help me complete my DPIA, and do you have one of your own?
- Where is the data stored, and does any of it leave the UK?
- Do you use our calls to train your models? (If the answer is anything other than a clear no, ask a lot more questions.)
- Who are your sub-processors, and how do I find out when that changes?
- Is multi-factor authentication enforced on every account, including ours?
- What happens to every recording, transcript and record if we leave?
Vague answers are the answer.
Where a blog post stops and a lawyer starts
We are not going to pretend this article settles everything. It does not, and a supplier who claims their product makes you compliant is selling you something that does not exist. Compliance is a property of your practice, not of our software.
Get proper advice on: whether a specific booking or triage behaviour crosses into a "significant decision"; whether your Schedule 1 condition and Appropriate Policy Document are right; and anything involving records leaving the UK.
What we can do is not be the weak link.
Frequently asked questions
Who is responsible for patient data if an AI answers the phone?
Your practice. You are the controller. The AI supplier is your processor, acting on your documented instructions, and a written Article 28 contract between you is a legal requirement.
Is a DPIA required before deploying an AI agent in a dental practice?
Almost certainly. AI counts as "innovative technology" on the ICO's own list, and combined with sensitive data that makes a Data Protection Impact Assessment a requirement, to be done before the processing starts.
Is veterinary data special category data?
An animal's clinical record is not, because the definition applies to a natural person. Your clients' personal details are still personal data and still protected, but the Article 9 rules that apply to dental patient health data do not apply in the same way.
Do we have to tell callers they are being recorded?
Yes, if you record or transcribe calls. People must be told at the point of collection, and the ICO has taken enforcement action where they were not.
Does the AI make automated decisions about patients?
No. It books, answers admin questions and hands over. It does not refuse, triage or prioritise anyone's access to care, and anything clinical or urgent goes straight to a person on your team.
Sources
- UK GDPR Article 4 (definitions of controller, processor and data concerning health), Article 9 (special category data), Article 13 (information to be provided), Article 5 (storage limitation) and Article 28 (processor contracts), legislation.gov.uk. https://www.legislation.gov.uk/eur/2016/679/article/4 · https://www.legislation.gov.uk/eur/2016/679/article/9 · https://www.legislation.gov.uk/eur/2016/679/article/28
- UK GDPR Articles 22A to 22D, as substituted by the Data (Use and Access) Act 2025. https://www.legislation.gov.uk/eur/2016/679/article/22A · https://www.legislation.gov.uk/eur/2016/679/article/22B · https://www.legislation.gov.uk/eur/2016/679/article/22C
- ICO, What needs to be included in the contract (the eight mandatory processor clauses, and processor liability where it acts outside instructions). https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/accountability-and-governance/contracts-and-liabilities-between-controllers-and-processors-multi/what-needs-to-be-included-in-the-contract/
- ICO, When do we need to do a DPIA, and Examples of processing likely to result in high risk (innovative technology including AI, combined with sensitive data). https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/accountability-and-governance/data-protection-impact-assessments-dpias/when-do-we-need-to-do-a-dpia/
- ICO, What are the rules on special category data. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/lawful-basis/special-category-data/what-are-the-rules-on-special-category-data/
- ICO, Automated decision-making guidance (draft, in consultation, updated March 2026). https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/individual-rights/automated-decision-making/
- ICO enforcement, Surrey Police and Sussex Police reprimand, April 2023 (more than 200,000 call recordings saved; people were not informed). https://ico.org.uk/action-weve-taken/enforcement/2023/04/surrey-police/
- ICO, Software provider fined £3.07m following 2022 ransomware attack (Advanced Computer Software Group, a processor for healthcare providers; entry via an account without multi-factor authentication), March 2025. https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2025/03/software-provider-fined-3m-following-2022-ransomware-attack/
- ICO enforcement, Staines Health Group reprimand, December 2025 (23 years of records sent to an insurer instead of five). https://ico.org.uk/action-weve-taken/enforcement/2025/12/staines-health-group/
- General Dental Council, Standards for the Dental Team, principle 4 (confidentiality, security, the duty extending to non-registered team members and to recordings). https://standards.gdc-uk.org/Pages/Principle4/Principle4
- Royal College of Veterinary Surgeons, supporting guidance chapter 14, client confidentiality. https://www.rcvs.org.uk/veterinary-professionals/conduct-and-guidance/supporting-guidance/14-client-confidentiality
See it answer for your own business
Tell us how you run, and hear it answer live, built around your own information.