Session note de-identification is the removal of identifying data from a therapist’s free text. The common-law duty of confidence and UK GDPR Art. 9 protect substance misuse detail tightly. anonym.plus does this on your own device, and the prose stays readable.
When this applies
You want to share a case for supervision or teaching. The file names the client, a spouse, and an employer. Each one must be hidden first.
How anonym.plus handles it
- Open the file in anonym.plus on your own computer.
- Local OCR reads any scanned page, so typed text is caught too.
- It flags client names, dates, and any third party mentioned.
- Review each match and clear a clinical term caught in error.
- Replace each tag with a safe label, or black it out.
- Save the clean copy. The first version never leaves your machine.
What you need to provide
- The file (PDF, DOCX, TXT, or image scan).
- An operator: Replace (swap), Redact (remove), or Mask (partial).
- Optional: a key map if you must re-link cases later.
Patient data entity types detected
| Category | anonym.plus entity type | Example |
|---|---|---|
| Client name | PERSON | Daniel Okafor → [CLIENT_1] |
| Session date | DATE_TIME | Seen 04/02/2026 → [DATE] |
| Spouse named | PERSON | wife Karen → [FAMILY_1] |
| Employer | ORGANIZATION | Atlas Logistics → [EMPLOYER] |
| Phone | PHONE_NUMBER | +44 7911 123456 → [PHONE] |
| NHS number | NHS_NUMBER | NHS 485 777 3456 → [NHS_NO] |
Compliance achieved
- Strips identifiers in substance misuse text under the common-law duty of confidence & UK GDPR Art. 9.
- Runs offline, so no cloud processor contract is needed.
- Working files are sealed with AES-256-GCM.
- Anonymisation assessed against the ICO motivated-intruder test (UK GDPR Recital 26).
Anonymise therapy session notes offline — see plans & start free →
Limitations & cautions
The common-law duty of confidence limits who may see the data and how it may be re-shared. The tool removes named identifiers from the text. You still judge rare free-text clues that could point back to one person.
Frequently asked questions
Why is substance misuse data treated with extra care?
UK law and NHS policy treat substance misuse records as highly sensitive. The common-law duty of confidence restricts re-disclosure, and UK GDPR Art. 9 requires an explicit condition before processing. The bar is higher than for ordinary health data.
Do I need a data processor contract?
No. The app runs on your own device with no cloud step. No outside party touches the data, so no processor agreement is needed.
Are family members hidden too?
Yes. A named spouse, parent, or employer is an identifier. The tool flags each one so a reader cannot trace the client through a relative or workplace.