Private Concerns: Protecting Client Data

Small business
Written By Carla Mullins

In a world of constant display, it is sometimes easy to forget that there is such a thing as privacy - that we have the right to be left alone with our thoughts, personal information and personal lives. While we have become accustomed to scrolling through feeds of content and advertising carefully shaped by algorithms, we should still pause to consider what is happening to the information we share, both knowingly and unknowingly. 

For Pilates practitioners and studio owners, this discussion is becoming increasingly important. We collect far more sensitive information than many people realise. Health histories, injuries, movement limitations, personal circumstances and even casual conversations shared during sessions all form part of the environments we create within our studios. Understanding our responsibilities around collecting, storing and sharing this information is essential for maintaining client trust and meeting our legal and ethical obligations. 

As technology continues to evolve, new challenges are emerging around privacy and consent. Smartwatches, AI-powered note-taking systems, online booking platforms and wearable technologies are now deeply embedded in modern life and increasingly present within Allied Health and movement spaces. While these systems can improve efficiency and convenience, they also raise important questions about what information is being collected, where it is stored, who has access to it and whether clients genuinely understand what they are consenting to. 

When working with clients, I believe we should continually come back to a few simple questions. 

Why are we collecting this information? Is it genuinely relevant to the service we are providing? If that information were accidentally shared, what would the consequences be for the client? These considerations become particularly important when studios collect additional information for marketing purposes rather than clinical or professional necessity. 

The rapid development of AI technology adds another layer of complexity. Many practitioners are now exploring AI-assisted scribing tools and digital systems to support note-taking and administration. While these technologies can be helpful, I think it is important that we carefully consider the trade-off between convenience and privacy. If conversations during an appointment are being recorded or processed through AI systems, clients deserve transparency around how that information is being used, stored and protected. 

Below I have compiled a checklist of points to consider before introducing AI and

other similar technology in your studio.

  • Do you have a written explanation available to clients about the

technology and how it will be used

  • Do you have a process in place to check in with your client at each

appointment regarding the use of AI during their session?

  • Do you have a clear process of how you can remove the technology from

your therapy room when a client opts out of the use of AI?

Similarly, many Pilates studios now rely heavily on digital booking and client management systems. However, not all platforms operate under the same privacy standards, particularly when information is stored overseas. As studio owners and practitioners, we have a responsibility requirement to confirm that our clients’ sensitive information is being held in servers located in Australia or countries with similar privacy standards.

I appreciate that conversations around privacy, consent and AI can feel overwhelming at times. However, I think it is important that we engage with these issues thoughtfully rather than simply assuming the technology will take care of itself. Clients place enormous trust in us, often sharing deeply personal information because they feel safe within our care. Protecting that trust should remain central to the way we practise.

As practitioners, we often speak about creating safe spaces for movement, growth and wellbeing. I believe that responsibility should also extend to the protection of our clients’ personal information. In many ways, privacy is not separate from care - it is part of care. As technology continues to evolve, I think it is important that we remain curious, informed and willing to ask difficult questions about the systems we use and the information we collect. A helpful principle I return to is simple: treat your clients’ privacy the way you would want your own privacy treated.

Carla is the co-director and co-owner of Body Organics and Body Organics Education. Find out more HERE.



References

https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/consent-to-the-ha

ndling-of-personal-information

https://staytuned.substack.com/cp/184600139

https://substack.com/home/post/p-177932954

Warren, S. D., & Brandeis, L. D. (1890). The Right to Privacy. Harvard Law Review, 4(5),

193–220.

https://www.jstor.org/stable/1321160?origin=crossref

Nita Farahany (https://substack.com/home/post/p-177932954)

Carla Mullins
Previous

Are We Teaching Exercises - or Teaching Pilates?
Next

The Benefits of Pilates for Patients With Multiple Sclerosis: A Systematic Review