As clinicians, we carry a sacred responsibility: to hold our clients’ stories in a space that is private, secure, and safe. Privacy protection becomes even more critical when we consider the sensitive nature of our supervision and training conversations. For example, when meeting online for review of cases leading to EMDR certification, we’re often consulting about treatment plans for more fragile clients. Discussing how to incorporate attachment issues into EMDR therapy is often a big part of consultation—and the discussions for attachment-based EMDR involve detailed case material and treatment planning for some of our most vulnerable clients, making privacy standards absolutely essential for both learning and practice environments. That applies not just to the work we do in session, but also to the technology we use to meet with them for therapy sessions, supervision, or case consults.
So here’s something to help ensure patient information is secure — especially if you use Zoom.
Are You Overlooking This Key Zoom Privacy Setting?
Even if you’ve turned off Zoom’s AI Companion feature (which you should), Zoom may still be able to access, decrypt, and record your meeting content — unless you’ve taken an extra step.
The key setting that matters here?
End-to-End Encryption (E2EE).
Without E2EE turned on:
Zoom uses “enhanced encryption” — but that’s not the same as true end-to-end
Your audio and video are encrypted between you and Zoom’s servers (not directly between you and your client)
That means Zoom can still decrypt and access your session data — to provide features like live transcription, analytics, or cloud recording
And yes, this could happen even without you realizing it
The Fix: Enable End-to-End Encryption (E2EE)
Here’s how to make sure your Zoom meetings are truly private:
Step-by-step:
Log in to Zoom
Navigate to Admin > Account Management > Account Settings
Under Meeting, find the setting: “Allow use of end-to-end encryption”
Toggle it ON (you should see a locked padlock)
Then go to Default encryption type
Select End-to-end encryption (again, look for the padlock)
That’s it. However, it makes a significant difference to ensure your session content is encrypted on your device, so Zoom can’t access it. That also means some convenience features are disabled. For example, cloud recording, live transcription, meeting analytics, and phone dial-in access for clients may be temporarily disabled (Zoom can’t record what it can’t access). But it may be an acceptable tradeoff to build and maintain client trust in a digital space.
Bottom Line
🔓 Without E2EE: Zoom can access and potentially store your meeting content on their servers.
🔐 With E2EE: Zoom can’t access it — even if they wanted to. That’s the whole point.
This is one of those behind-the-scenes moves that protects the container our work happens in. So, if you haven’t already — take five minutes, check your settings, and flip that switch.
🙏 A big thanks to Dr. Dana Baerger for spotlighting this. These are the kinds of things that don’t show up in training manuals but make a real difference in how we practice.
Have questions about privacy and telehealth platforms? I’m not a tech expert, but I’m happy to connect with experts to safeguard client information online. Let’s keep the conversation going — drop your thoughts below.
