Blogs · July 2026

What happens to patient data when an AI answers the phone?

You stay the controller, the supplier is your processor, and there are things the law requires before you switch anything on. Here they are, in plain English.

The short answer: the data stays yours, and so does the legal responsibility. The supplier is there to process it on your instructions, not to own it. In the law's words, your practice is the controller and the supplier is your processor, and that comes with three things you have to do before you switch anything on: sign the right contract, assess the risk, and tell callers if you are recording them. Outsourcing the phone does not outsource the liability.

The three words that decide everything

Controller. Under UK GDPR, the controller "determines the purposes and means" of the processing. That is you. You decide the agent answers your phone, what it does, and why.

Processor. A processor "processes personal data on behalf of the controller". That is your AI supplier.

Liability. Here is the part suppliers gloss over. The Information Commissioner's Office is clear that if a processor steps outside your instructions and starts deciding the purpose and means itself, "it will be considered to be a controller in respect of that processing and will have the same liability as a controller". But while it is acting on your instructions, you are the one accountable to your patients.

What the law actually requires before you switch it on

Not "best practice". Requirements.

1. A written contract, before a single call

In plain terms: you cannot just hand your calls to a supplier on a handshake. The law (Article 28 of the UK GDPR) says the arrangement "shall be governed by a contract", and the Information Commissioner's Office lists eight things it has to cover:

  • processing only on your documented instructions
  • a duty of confidence
  • appropriate security measures
  • rules on using sub-processors
  • helping you handle patients' rights requests
  • assisting you generally
  • what happens at the end: deletion or return of the data
  • audits and inspections

No contract means you are already in breach, before anything has gone wrong.

2. A risk assessment, before you go live

A Data Protection Impact Assessment, or DPIA, is a written check of what could go wrong for the people whose data you are handling, and what you are doing about it. It is required where processing "is likely to result in a high risk" to people's rights, and it must be done before the processing starts, not afterwards.

Does an AI agent trigger it? On the ICO's own list, "innovative technology... including AI" requires a DPIA when combined with another risk criterion, and one of those criteria is sensitive data or data of a highly personal nature. For a dental practice handling patient health data, that is both boxes ticked. Do the DPIA. It is not a formality you can catch up on later.

3. Tell callers if you are recording them

If calls are recorded or transcribed, people have to be told at the point of collection. This is where organisations come unstuck. The ICO reprimanded a police force over an app that silently saved more than 200,000 recordings of phone conversations, finding the processing unfair and unlawful because "people were not informed that their conversations with officers were being recorded".

4. Decide how long you keep it, and actually delete it

Data must be kept "no longer than is necessary". Recordings hoarded forever "just in case" is the classic failure, and it is the one that turns a small incident into a large one.

Dental and veterinary are not the same here, and beware anyone who says they are

This matters, and most vendors get it wrong.

Dental: patient health data is special category data. UK GDPR defines data concerning health as personal data about a person's physical or mental health, including the provision of health care services. Article 9 prohibits processing it unless you meet one of a set of conditions, so you need a lawful basis under Article 6 and a separate Article 9 condition (usually health or social care, under Schedule 1 of the Data Protection Act 2018), which generally means holding an Appropriate Policy Document.

Veterinary: an animal's clinical record is not special category data. The definition applies to a natural person. Your client's name, number and payment details are ordinary personal data, and they still deserve care and still fall under UK GDPR, but the Article 9 machinery above does not apply in the same way.

So a veterinary practice has a lighter legal load than a dental one on this specific point. Anyone who sells you one identical compliance story for both has not read the definitions.

The professional duties do not go away either way. The GDC requires you to "protect the confidentiality of patients' information", to keep it "secure at all times", and it explicitly extends that duty to non-registered members of the dental team and to recordings. The RCVS says a vet "should not disclose to any third party any information about a client or their animal", that the duty "includes support staff", and that client personal data must be handled in line with data protection law.

An AI agent answering your phone is, in that sense, just another member of the team who has to be held to the same standard.

The automated decisions question, and why most articles about it are out of date

You will read a lot about "Article 22" and solely automated decisions. Be careful: that law changed. The Data (Use and Access) Act 2025 replaced Article 22 with Articles 22A to 22D. Anyone still quoting Article 22(4) at you in 2026 is working from an old copy, and some pages have not caught up.

What the new wording says: a decision is based solely on automated processing "if there is no meaningful human involvement", and a significant decision is one producing "a legal effect... or a similarly significant effect". Where such a decision involves health data, it may not be taken solely automatically except in narrow circumstances, and people must be able to obtain human intervention, make representations, and contest it.

In practice: an agent that books an appointment, gives your opening hours or quotes your published fee is almost certainly nowhere near a "significant decision". An agent that starts to refuse, triage, prioritise or deny someone access to care is a different animal entirely, and ours does not do that. Anything clinical, and anything urgent, goes to a human on your team.

The ICO's guidance on this is currently in draft and out for consultation, so treat this as a moving area and keep a human in the loop for anything consequential.

What can actually go wrong

Two real cases, and note who got punished in each.

The ICO fined Advanced Computer Software Group £3.07 million after a ransomware attack. Advanced is a supplier that processes personal information on behalf of the NHS and other healthcare providers. The attackers got in through a customer account without multi-factor authentication. The Commissioner's words: the security measures "fell seriously short of what we would expect from an organisation processing such a large volume of sensitive information".

And a practice can be on the hook too: the ICO reprimanded a GP practice in December 2025 for sending 23 years of a terminally ill patient's medical records to an insurer, when five years had been asked for.

The lesson from both: ask your supplier hard questions about security, and be careful what data leaves your building.

The questions to ask any AI supplier

  1. Will you sign an Article 28 contract, with all eight clauses?
  2. Will you help me complete my DPIA, and do you have one of your own?
  3. Where is the data stored, and does any of it leave the UK?
  4. Do you use our calls to train your models? (If the answer is anything other than a clear no, ask a lot more questions.)
  5. Who are your sub-processors, and how do I find out when that changes?
  6. Is multi-factor authentication enforced on every account, including ours?
  7. What happens to every recording, transcript and record if we leave?

Vague answers are the answer.

Where a blog post stops and a lawyer starts

We are not going to pretend this article settles everything. It does not, and a supplier who claims their product makes you compliant is selling you something that does not exist. Compliance is a property of your practice, not of our software.

Get proper advice on: whether a specific booking or triage behaviour crosses into a "significant decision"; whether your Schedule 1 condition and Appropriate Policy Document are right; and anything involving records leaving the UK.

What we can do is not be the weak link.

Frequently asked questions

Who is responsible for patient data if an AI answers the phone?

Your practice. You are the controller. The AI supplier is your processor, acting on your documented instructions, and a written Article 28 contract between you is a legal requirement.

Is a DPIA required before deploying an AI agent in a dental practice?

Almost certainly. AI counts as "innovative technology" on the ICO's own list, and combined with sensitive data that makes a Data Protection Impact Assessment a requirement, to be done before the processing starts.

Is veterinary data special category data?

An animal's clinical record is not, because the definition applies to a natural person. Your clients' personal details are still personal data and still protected, but the Article 9 rules that apply to dental patient health data do not apply in the same way.

Do we have to tell callers they are being recorded?

Yes, if you record or transcribe calls. People must be told at the point of collection, and the ICO has taken enforcement action where they were not.

Does the AI make automated decisions about patients?

No. It books, answers admin questions and hands over. It does not refuse, triage or prioritise anyone's access to care, and anything clinical or urgent goes straight to a person on your team.

Sources

See it answer for your own business

Tell us how you run, and hear it answer live, built around your own information.

See pricing