LMFT Guide to Writing HIPAA-Compliant Therapy Notes with SOAP Note Examples

Understanding HIPAA for LMFTs

The Health Insurance Portability and Accountability Act (HIPAA) safeguards patients' protected health information (PHI). LMFTs are considered covered healthcare providers under HIPAA and must comply with its rules to protect patient privacy. Therapy notes containing details about a patient's mental health condition, diagnoses, and treatment progress all fall under PHI.

Key Components of HIPAA-Compliant Therapy Notes

When crafting therapy notes, LMFTs must strike a balance between capturing essential details for care and strictly adhering to HIPAA privacy regulations. Here's a breakdown of the key components to ensure your notes are informative and compliant:

Focus on Objective Data:

- Behavior: Document observable behaviors displayed by the client during the session. This might include restlessness, tearfulness, difficulty concentrating, or changes in body language.

- Presenting Concerns: Capture the client's main reasons for seeking therapy. Use their own words whenever possible, but remember to paraphrase to remove identifying details.

- Session Details: Include factual information about the session itself. This could involve specific interventions used, topics explored, and client responses to those interventions.

- Outcomes: Document any observable changes in the client's mood, behavior, or self-reported progress towards goals.

Power Up Your Practise with S10.AI

▶ Real-Time Scribing 

Captures every detail while you take care of your patients

▶  99% Accuracy Guaranteed

Eliminate errors, ensure complete records

▶  Patented AI Tech Built for Trust, Safety, and Efficacy.

Data protected and Certified for HIPAA ,PIPEDA & GDPR Compliant.

▶  Boost Revenue & Productivity

Faster charting = more patients seen

▶  1-Minute Chart Closure:

Experience the power of 1-minute chart closure and prioritize patient well-being

▶  Works With & Without EHR for All Specialties

Seamlessly integrates with any EHR (EPIC, Raxis EMR, Oracle Cerner, CPSI, eClinicalWorks, Athenahealth, Practice Fusion, and more)

 Even if you don't use an EHR, S10.AI has you covered

Experience S10 AI 

Avoid Using Identifying Information:

- Client Names: Use initials or pseudonyms throughout the note.

- Dates and Locations: While you should document the date of the session, avoid including specific details like birthdays or exact addresses.

- Relatives and Others: If discussing family members or other individuals involved in the client's life, use generic terms like "partner," "family member," or "friend." Avoid using names or details that could reveal their identities.

- Workplace and School Details: Omit any information that could pinpoint the client's place of work or education.

Streamline Your Documentation & Focus on Client Care. Try S10.AI's Therapy Note Generator! 

Maintain Professional Language:

- Clear and Concise: Use clear, concise, and objective language. Avoid overly technical jargon or emotional language that could be misinterpreted.

- Clinical Terminology: Use appropriate clinical terms to accurately describe the client's presenting concerns,behaviors, and progress.

- Avoid Bias: Maintain a neutral and unbiased tone when documenting the session.

Stop Drowning in EHRs: S10.AI Robot Scribes - Your Burnout Buster Solution!

Include Essential Information:

- Date and Time: Always include the date and time of the session at the beginning of the note.

- Client Information: Document the client's initials or pseudonym, date of birth (DOB) if necessary, and reason for seeking therapy.

- Licensing Information: Include your LMFT license number and state for legal and professional purposes.

Write Therapy Notes Faster with S10 AI 

 

▶ HIPAA & Insurance Hassle-Free: 

Combines compliance for a smoother workflow.

 

▶  Supports All Note Formats (SOAP, DAP, EMDR & More): 

Emphasizes broad note type compatibility.

 

▶  Seamless Documentation for Every Therapy Setting:

 Highlights catering to various therapy needs.

 

▶  Your Way, Your Notes: Record, Dictate, Type, or Upload:

 Focuses on user preference and flexibility in note creation.

 

 

Experience S10 AI

Remember:

- Less is More: While detailed notes are important, prioritize capturing essential information while avoiding unnecessary details that might violate HIPAA.

- Context is Key: Provide enough context for the note to be understood by other authorized healthcare providers involved in the client's care, but avoid including overly personal details.

- Document Diligently: Document your notes as soon as possible after each session to ensure accuracy and capture key details while they are fresh in your mind.

By adhering to these key components, LMFTs can create HIPAA-compliant therapy notes that effectively support patient care and protect client privacy.

SOAP Note Examples for LMFTs:

Example 1: Client with Anxiety

Subjective: "Client (A.N.) reports feeling anxious and overwhelmed about upcoming work deadlines. She describes difficulty sleeping and experiencing constant worry."

Objective: "Client appears fidgety and maintains eye contact infrequently. Speech is rapid with pressured quality."

Assessment: "A.N. presents with symptoms consistent with generalized anxiety disorder. Further exploration of triggers and coping mechanisms is warranted."

Plan: "Develop relaxation techniques and psychoeducation on anxiety management. Explore cognitive restructuring to address negative thought patterns."

Example 2: Couple's Therapy

Subjective: "Both partners (J.M. & K.L.) report feeling disconnected and frustrated with communication patterns. They express a desire to improve communication and rebuild intimacy."

Objective: "Couple exhibits limited eye contact and frequent interruptions during communication attempts. Body language suggests emotional withdrawal."

Assessment: "J.M. & K.L. appear to be struggling with ineffective communication patterns. The Gottman Institute Method may be beneficial in teaching healthy communication skills."

Plan: "Introduce active listening techniques and communication exercises. Encourage expression of needs and wants in a respectful manner."

Remember, these are just examples. Tailor your SOAP notes to each client's unique situation and treatment plan.

Save time with S10.AI!

▶ HIPAA Compliant

▶ Insurance Compliant

▶ SOAP , DAP , EMDR , Intake notes & more

▶ Individual , Couple , Child , Family therapy Types

▶ Customizable Note Format, Tailor the note format to your specific needs.

▶ Notes can be directly posted to your electronic health record system.

Try S10.AI Now 

Example 3: Client with Depression

Subjective: "Client (M.H.) reports feeling low in mood and lacking motivation for the past few weeks. He describes difficulty concentrating and a loss of interest in activities he used to enjoy. He also mentions having thoughts of worthlessness and hopelessness."

Objective: "Client appears tearful with slumped posture and limited eye contact. Speech is slow and monotone.Psychomotor activity is sluggish."

Assessment: "M.H. presents with symptoms consistent with major depressive disorder. A risk assessment for suicidal ideation is necessary."

Plan: "Develop a safety plan and collaborate with a psychiatrist regarding potential medication management.Implement cognitive-behavioral therapy (CBT) techniques to address negative thinking patterns and increase motivation."

Example 4: Family Therapy

Subjective: "Parents (J.C. & A.B.) express concern about their teenage son's (T.L.) recent behavioral changes,including withdrawal from social activities and declining grades. T.L. reports feeling misunderstood and frustrated with parental expectations."

Objective: "Parents appear tense and worried during the session. T.L. avoids eye contact and displays nonverbal cues of defiance when addressed by parents."

Assessment: "The family appears to be struggling with communication and conflict resolution. Exploring family dynamics and implementing communication skills training may be beneficial."

Plan: "Utilize family systems therapy techniques to improve communication between parents and T.L. Encourage expression of needs and feelings in a healthy manner. Develop strategies for setting boundaries and managing conflict."

Say Goodbye to Burnout, Hello to Efficiency: S10.AI - Your AI Ally!

Example 5: Individual Therapy with Grief

Subjective: "Client (S.P.) reports experiencing intense sadness and emotional pain following the recent loss of her spouse. She describes feelings of loneliness, fear of the future, and difficulty accepting the loss."

Objective: "Client appears tearful throughout the session. Speech is choked with emotion. Client frequently mentions memories of her spouse."

Assessment: "S.P. is in the early stages of grief following a significant loss. Providing support and psychoeducation on the grieving process is crucial."

Plan: "Utilize supportive therapy techniques to help S.P. process her emotions and begin to adjust to her new reality. Explore grief support groups or individual grief counseling if needed."

Example 6: Premarital Counseling

Subjective: "Both partners (C.D. & E.F.) express excitement about upcoming marriage but also acknowledge some areas of disagreement regarding finances, family involvement, and future goals."

Objective: "Couple exhibits good eye contact and displays positive physical affection towards each other.However, nonverbal cues indicate some tension during discussions about finances."

Assessment: "C.D. and E.F. appear well-matched but could benefit from premarital counseling to address potential areas of conflict and strengthen their communication skills."

Plan: "Utilize premarital counseling resources to explore financial planning strategies, healthy communication patterns, and conflict resolution techniques."

Recommended Reading : What Is PIRP Notes? How To Write PIRP Notes?

Example 7: Child with ADHD

Subjective: "Parents (G.H. & I.J.) report concerns about their child's (K.L.) hyperactivity, impulsivity, and difficulty focusing in school. K.L. describes feeling frustrated with schoolwork and social interactions."

Objective: "K.L. appears fidgety and easily distracted during the session. He has difficulty staying seated and blurts out answers before questions are fully asked."

Assessment: "K.L. may be exhibiting symptoms of Attention Deficit Hyperactivity Disorder (ADHD).Collaboration with a pediatrician or psychiatrist for evaluation and potential medication management is recommended."

Plan: "Provide psychoeducation on ADHD for parents and K.L. Explore behavior modification techniques and recommend parent-child interaction therapy (PCIT) to improve communication and manage challenging behaviors."

Example 8: Individual Therapy with Relationship Issues

Subjective: "Client (L.M.) reports feeling insecure and experiencing jealousy in their current romantic relationship.They express difficulty trusting their partner and a desire for healthier communication."

Objective: "Client appears anxious and exhibits tearfulness when discussing their partner. Speech is hesitant and filled with self-doubt."

Assessment: "L.M. may be struggling with low self-esteem and attachment issues impacting their relationship.Exploring the root causes of these patterns and developing healthy coping mechanisms is crucial."

Plan: "Utilize cognitive-behavioral therapy (CBT) techniques to address negative self-beliefs and promote emotional regulation. Explore attachment styles and communication skills to foster a more secure and trusting relationship."

Additional Tips for LMFT Notes

FAQs

1) Why do therapists need to write psychotherapy notes in a HIPAA-compliant manner?

Why Therapists Must Keep Psychotherapy Notes HIPAA-Compliant

Therapists don’t just jot down notes for their own benefit—the way they handle, store, and share those notes matters a great deal. Because psychotherapy notes often include sensitive details about sessions and patient health, they fall under the category of protected health information (PHI). This means therapists are legally required to safeguard these notes so that personal information stays private and secure.

In fact, federal regulations like the Health Insurance Portability and Accountability Act (HIPAA) set strict standards to ensure patient confidentiality. By following HIPAA guidelines, therapists help make sure that:

Patient identities and health details aren’t accidentally revealed

Only individuals with explicit permission can access these records

Therapy remains a safe, private space for honest conversation

In short, HIPAA-compliance isn’t just paperwork. It’s a vital part of building trust between therapists and their clients—because people share what matters most when they know their privacy is protected.

2) How should therapists refer to patients in their notes to maintain confidentiality?

How to Refer to Patients in Notes for Confidentiality

When keeping therapy notes, it’s essential to prioritize patient privacy. Always use “the patient” instead of the individual’s actual name throughout your documentation. If specific identification is necessary, opt for the person’s initials in place of their full name.Additionally, leave out any details that might make the patient easily identifiable—this means excluding things like addresses, dates of birth, or other personal information. This approach helps ensure that your notes protect the patient’s identity and fully comply with confidentiality standards.

3) What identifying information should be excluded from psychotherapy notes to protect patient privacy?

Protecting Patient Privacy in Psychotherapy Notes

When documenting psychotherapy sessions, it’s essential to leave out any details that could reveal a patient's identity. This means omitting names, specific addresses, dates of birth, and other unique identifiers. Instead of using a patient's actual name in your notes, either stick with “the patient” or use their initials if absolutely necessary. Steering clear of personal information helps to maintain confidentiality and keeps your documentation compliant with privacy standards, such as those outlined by HIPAA and other professional guidelines.

4) Why is it important to keep psychotherapy notes separate from the rest of a patient's medical record?

Why Separation Matters for Psychotherapy Notes

Keeping psychotherapy notes separate from the general medical record isn’t just a HIPAA preference—it’s a critical safeguard for patient privacy. By maintaining this clear distinction, therapists ensure highly sensitive observations, impressions, and personal reflections remain confidential and are not unnecessarily circulated within broader healthcare files.This separation also protects patients if a third party, such as a lawyer or insurance company, requests documents. Unlike general treatment notes, psychotherapy notes have extra legal protections and typically require a specific court order or patient authorization before release. In other words, that extra layer of separation exists to respect the unique trust inherent in therapeutic conversations and to help shield those insights from unintended exposure.

5) What steps should therapists take to keep their psychotherapy notes secure?

Steps Therapists Should Take to Secure Psychotherapy Notes

Safeguarding psychotherapy notes isn’t just good practice—it’s an ethical and legal requirement. To ensure privacy and HIPAA compliance, therapists should prioritize these key steps:

Store Notes Securely

Whether you prefer paper or digital records, security must take precedence. Keep paper notes in locked filing cabinets—not just in your desk drawer. Digital notes should reside on password-protected computers or reputable, encrypted services like Dropbox Business, Google Workspace, or Microsoft OneDrive for Business.

Separate Psychotherapy Notes from Medical Records

Psychotherapy notes require a higher level of confidentiality. Keep them physically and electronically distinct from general medical records to prevent accidental disclosure during routine record requests.

Limit Information Sharing

Discuss note-sharing policies with staff and strictly control access. If disclosure to another healthcare provider is necessary, always obtain written patient authorization first—and only share the minimum necessary information.

Minimize Identifying Details

Reduce risk by omitting or abbreviating identifiers. Refer to clients as “the patient” or use initials rather than full names. This applies both in written notes and digital files.

Properly Dispose of Old Notes

When records are no longer required, destroy them securely—use a cross-cut shredder for paper and secure-erase tools for electronic files. Never leave sensitive reports in recycling bins or standard trash.

Train Staff Regularly

Everyone on your team should know how to handle protected health information. Provide training on HIPAA’s Privacy and Security Rules and update procedures regularly, especially when adopting new technologies or workflow changes.

By following these steps, therapists can protect sensitive psychotherapy notes and maintain trust with their clients.

6) How does following HIPAA compliance guidelines benefit both therapists and their patients?

Why HIPAA Compliance Matters for Therapists and Patients

Adhering to HIPAA compliance guidelines protects patient privacy—ensuring that sensitive information stays confidential and secure. For therapists, this reduces the risk of legal issues, strengthens professional credibility, and helps maintain trust with clients. Patients, in turn, gain peace of mind knowing their personal details are handled responsibly, which can encourage openness and honesty in sessions. In short, robust privacy practices support a safe, trustworthy therapeutic environment for everyone involved.

7) With whom can therapists share psychotherapy notes and what authorization is required?

Sharing Psychotherapy Notes: Who and How

Therapists must take extra care when it comes to sharing psychotherapy notes, as these are protected under HIPAA just like all other forms of Protected Health Information (PHI). In most cases, psychotherapy notes cannot be disclosed to anyone—including other healthcare providers—without explicit, written consent from the client.If a situation arises where these notes need to be shared, such as during a referral to another mental health professional, you are required to first obtain the patient’s written authorization. Even with this consent, only the specific details relevant to the referral or ongoing care should be disclosed, ensuring that the privacy of sensitive information is maintained at all times.

8) Under what circumstances can psychotherapy notes be released to third parties?

When Can Psychotherapy Notes Be Shared With Others?

Psychotherapy notes are given special protections under HIPAA and generally cannot be disclosed without the patient's explicit written permission. However, there are specific situations where these notes may be released to third parties, including:

Court Orders or Subpoenas: If a judge issues a court order or subpoena, therapists may be legally required to share psychotherapy notes.

Legal Compliance: Certain laws may necessitate the disclosure of notes, for example, if required by an investigation from agencies like the FBI or requests under the Patriot Act.

Threats to Safety: If there is an immediate risk of harm to the patient or others, relevant information may be disclosed to prevent injury, as permitted by law.

Outside of these defined exceptions, psychotherapy notes remain confidential and separate from the standard medical record, safeguarding the privacy of therapist and patient conversations.

9) What should therapists do when making corrections to psychotherapy notes?

Correcting Psychotherapy Notes

When you discover an error or omission in your psychotherapy notes, transparency is key. Make the correction by adding a clearly dated and initialed entry, rather than altering the original content. This approach maintains the integrity of your records and provides a clear trail of what was changed and when. It’s always better to be thorough—provide enough context and detail so anyone reviewing the notes understands the reason for the correction and the circumstances surrounding it.

10) Why is it important to keep psychotherapy notes accurate and up-to-date?

Why Accuracy and Timeliness Matter in Psychotherapy Notes

Maintaining precise and current psychotherapy notes isn’t just a matter of professional best practice—it’s essential for multiple reasons.

First and foremost, detailed documentation ensures the continuity of care. Should you or another clinician need to review a case months (or even years) down the line, thorough notes make it possible to understand the client’s progress and treatment history without missing a beat.

Accurate records also play a protective role for both therapists and clients. In situations where legal questions arise—such as court proceedings or insurance audits—well-kept notes can clarify what took place during sessions and demonstrate adherence to appropriate standards of care.

When updates or corrections are necessary, always clearly mark the changes with dates and initials. This not only preserves the integrity of your documentation but also reflects transparency in your practice.

Ultimately, erring on the side of comprehensive, up-to-date records supports ethical and effective treatment—and gives you peace of mind should your notes ever be called into question.

11) What are the recommended methods for destroying old psychotherapy notes?

Safely Disposing of Psychotherapy Notes

When it's time to discard old psychotherapy notes, confidentiality is your top priority. To ensure sensitive information stays protected, use secure disposal methods recognized across industries:

Shredding: Feed paper documents through a cross-cut shredder, which renders the information unreadable.

Incineration: Burning notes in a controlled environment is another effective way to eliminate records permanently.

Professional Disposal Services: Consider certified document destruction services, such as those provided by Iron Mountain or Shred-it, for bulk quantities or added legal compliance.

Secured Storage Until Disposal: If immediate destruction isn’t feasible, store notes in locked, access-controlled locations until you can dispose of them properly.

Whatever method you choose, always follow applicable regulations (like HIPAA in the U.S.) to safeguard client privacy throughout the process.

12) What is considered protected health information (PHI) under HIPAA?

What Is Protected Health Information (PHI) Under HIPAA?

Protected Health Information, or PHI, encompasses any details that can be linked to an individual and pertain to their physical or mental health, the provision of healthcare services, or payment for those services. This includes obvious items like names, addresses, birth dates, and Social Security numbers, but also extends to less apparent identifiers—such as medical record numbers, full-face photographs, or even details about a specific diagnosis or treatment.Under the HIPAA rules, PHI isn’t limited to just medical records. It also covers information discussed between you and your care provider, billing data, and, significantly, psychotherapy notes. In short, if the information could be used to identify you and relates to your health or healthcare, it falls into the PHI category and is subject to federal privacy protections.

13) What are the key rules and procedures therapists should review with their staff regarding HIPAA compliance?

Key HIPAA Rules and Training Procedures for Your Team

Don't let HIPAA be the monster under your staff's bed—tame it together. Start by gathering the team (snacks optional, but encouraged), and walk everyone through the basics:

Privacy Rule: Emphasize how client health information must be kept confidential, what information counts as protected, and the circumstances (very few!) when details can be shared.

Security Rule: Outline what's required to keep electronic records safe. This means passwords, regular security updates, and making sure your email isn’t an open window for wandering eyes.

Your Office Policies: Go over how you store, transmit, and dispose of sensitive information. From locked file cabinets to encrypted Dropbox folders, details matter.

Reporting Procedures: Make it clear when and how team members should report accidental exposures or suspicious activity—no shame, just a quick fix.

And remember: HIPAA is more marathon than sprint. Routine check-ins and refresher sessions can help keep everyone up to speed and out of compliance quicksand.

14) Why is it important for all staff members to be trained in HIPAA compliance?

Why Staff Training on HIPAA Compliance Matters

When it comes to handling protected health information (PHI), every team member plays a crucial role in keeping sensitive patient data secure. If just one person is unfamiliar with the rules set by the HIPAA Privacy and Security Rules, it could lead to accidental disclosures or breaches—which are not only costly in terms of fines but can also damage trust and reputation.By ensuring all staff are well-versed in HIPAA requirements, you help create a workplace culture focused on privacy. Regular training equips everyone with the knowledge to recognize potential pitfalls—like accidentally sending information to the wrong email, leaving files unattended, or discussing details where others can overhear.Ultimately, consistent and thorough staff training reduces the risk of errors and reinforces your commitment to patient confidentiality. This isn’t just about staying on the right side of regulations—it’s about upholding the trust patients place in your care.