
Compliance

The compliance-quartet AI scribes: who actually ships HIPAA + SOC 2 + GDPR + ISO 27001 in 2026

May 20, 2026 | 9 min read | By CompareScribes Team

If you've evaluated more than two ambient AI scribes you'll have noticed something: every vendor lists a row of compliance badges on the marketing page, and almost none of them list the same row. One tool leads with HIPAA. Another leads with GDPR. A third leads with ISO 13485 and EU MDR. Most also claim some flavour of SOC 2 — but is it Type I, Type II, or just "SOC 2 aligned"?

This isn't compliance-theatre nitpicking. The four certifications most procurement teams actually care about cover different things, and a tool that ships only two of them has a real coverage gap for buyers in a specific market.

In 2026 we track 35 ambient AI medical scribes. Three of them publicly ship the full HIPAA + SOC 2 Type II + GDPR + ISO 27001 quartet. This post lays out who, why it matters, who falls one cert short, and how to read the disclosure on the other 30+ tools without taking marketing language at face value.

What each certification actually does

Worth being precise here, because the certifications cover meaningfully different territory:

  • HIPAA is US healthcare-data law. A vendor "is HIPAA compliant" if it can operate as a Business Associate, sign a Business Associate Agreement (BAA), and implement the Security Rule. HIPAA is not a third-party audit — it's a self-attestation backed by your contract. The BAA is the operative document.
  • SOC 2 Type II is a US-originated third-party audit of security, availability, processing integrity, confidentiality and privacy over a period of time (usually 6-12 months). Type I is a point-in-time audit; Type II is the substantive one. "SOC 2 Type II certified" means an independent auditor sampled the vendor's controls over months and signed off.
  • GDPR is EU/UK data-protection law. A vendor "is GDPR compliant" if it has a Data Processing Agreement (DPA), a documented lawful basis, named sub-processors, and the data-subject-rights machinery. Like HIPAA, the GDPR posture is contractual — the DPA is the operative document.
  • ISO 27001 is an international information-security-management-system standard. Certification is a third-party audit of the vendor's security management practices end-to-end. Many enterprise procurement teams treat ISO 27001 + SOC 2 II as a substitute for an internal security audit.

A tool with all four covers: US healthcare-data law, an audited US security review, EU data-protection law and an audited international security review. For a multi-region health system that's the floor — anything less means at least one market has to take the vendor's word for it.

The three tools that ship the full quartet

Three of the 35 tools in our catalog publicly enumerate all four certifications:

1. Nabla

HIPAA + SOC 2 Type II + GDPR + ISO 27001. Trust posture is unusually detailed on the /security page — Google Cloud Platform hosting with databases in the customer's region of choice, AES-256 at rest, TLS in transit, no audio stored by default, no training on customer data. 85,000+ clinicians deployed across 130+ health organizations and 20M+ annual encounters. $120M raised through Series C (June 2025). It's our 2026 Editor's Pick — and the compliance posture is half the reason.

2. Corti

HIPAA + SOC 2 Type II + GDPR + ISO 27001 — plus a longer list of additional certifications most ambient scribes never pursue: ISO 27018, ISO 27017, ISO 42001 (AI management), ISO 13485 (medical device quality), ISO 14971 (risk management), FedRAMP, NHS DSPT / DTAC / DCB0129, NIS2, DORA, ISAE 3000, Cyber Essentials Plus and BSI C5. Corti is also CE-marked under EU MDR (achieved October 2025). The catch: Corti isn't an end-user scribe — it's an API platform for clinical-AI infrastructure, used by partner products like Medatixx, Dedalus and Philips SpeechLive, plus emergency-dispatch customers like NHS Grampian, Boston EMS and Seattle Fire Department.

3. Sully.ai

HIPAA + SOC 2 Type II + ISO 27001 + GDPR — plus PIPEDA (Canada) and PDL. Broadest enumerated certification list of any tool in the catalog. Published per-provider pricing ($79/mo Pro, $99/mo Premium) and a multi-agent suite (Scribe + Receptionist + Medical Coder + Nurse Triage + Pharmacist + Consultant + Interpreter). 30,000+ providers; $34.8M raised across six rounds, Y Combinator backed.

Three different products, three different deployment models

The three quartet-tools sit at very different points on the buying funnel:

  • Nabla is the clinician-facing scribe with a real free tier and a published Pro path — accessible to a solo clinician.
  • Sully.ai is multi-agent — bigger surface area than just the scribe, sales-led onboarding, more relevant if you're automating across the practice.
  • Corti is infrastructure — you're building on it, not using it as an end-user app.

If you're a solo clinician shopping for an ambient scribe with the most defensible compliance story today, Nabla is the obvious shortlist. If you're a clinic looking to consolidate front-desk + scribe + coding on one stack, Sully is. If you're a health system or partner-product team building your own clinical-AI surface, Corti is.

Who falls one cert short

The next ring of tools ships three of four. Each has a specific gap worth knowing:

  • Heidi Health — HIPAA + SOC 2 + GDPR + Australian Privacy Principles + Cyber Essentials Plus. ISO 27001 isn't enumerated, though the underlying multi-region posture is broader than most tools' (110 languages across 116 countries, region-localized residency).
  • Eleos Health — HIPAA + SOC 2 Type II + ISO 27001 + ISO 27799 + ISO 42001. GDPR isn't enumerated. That makes sense given the product is targeted at US community behavioral-health agencies — but it does mean a European deployment would need a separate DPA conversation.
  • Knowtex — HIPAA + GDPR + ISO 27001 + SOC 2 Type I (not Type II). The Type-I-not-II gap is the kind of fine-print distinction most marketing pages obscure but enterprise security reviews catch. Type I is a point-in-time audit; Type II covers a period (usually 6-12 months) and is what most US enterprise security teams ask for.

The broader-certification stack tools that miss HIPAA

A few tools ship broader certification stacks than the four-cert quartet but explicitly don't claim HIPAA — because they don't sell into the US market:

  • Tandem Health ships CE Mark + UKCA + GDPR + ISO 27001 + ISO 13485 + ISO 42001 + ISO 14001 + NEN 7510 + NHS Compliant — the broadest non-US enumeration in the catalog. No HIPAA, no US footprint. If you're Europe-only, this is arguably stronger than the four-cert quartet because it adds medical-device quality (ISO 13485) and AI-management (ISO 42001) certifications on top.
  • Haidy / 44ai ships ISO 13485 + EU MDR + ISO 27001 + Swiss data residency. Switzerland-only by design.
  • Tortus ships UK MHRA Class I medical device + NHS DTAC. UK-only.

For a Europe-only deployment these can be a stronger choice than a quartet-tool — the additional medical-device and AI-management certifications cover ground that pure data-protection certifications don't.

How to read the disclosure on the other 30+ tools

Most ambient scribes in the catalog enumerate 1-3 of the quartet, plus a varying mix of regional certifications. Here's the operating manual for reading what they publish:

1. If only HIPAA is listed, ask what that means contractually.

A "HIPAA compliant" badge with no third-party audit behind it means the vendor self-attests. Always ask: Will you sign a BAA on the standard plan, or does that require a custom enterprise contract? If the BAA is paywalled to enterprise, treat HIPAA as conditional on you upgrading. Tools that include the BAA on the standard plan are explicitly documenting that: see Twofold Health ("HIPAA + BAA included on all plans") for the right pattern.

2. If SOC 2 is listed without "Type II", assume Type I.

Type II requires the vendor to sustain its controls over months, sampled by an auditor. Type I is a point-in-time snapshot. A tool that ships SOC 2 Type II will say "Type II" — the absence of the qualifier is usually meaningful. The Knowtex example above is a worked one: their site enumerates "SOC 2" (Type I).

3. If GDPR is listed but data residency isn't, ask where the data actually lives.

GDPR compliance doesn't automatically mean EU-hosted; it means the contractual machinery is in place. For sensitive clinical data — and especially for Schrems II considerations on US-cloud-hosted EU data — you want the answer to which AWS / GCP / Azure region your audio and transcripts live in. The strongest disclosure patterns are: Stenoly ("EEA hosting"), Tandem Health ("All data stored and processed within EU data centers"), Nabla ("Google Cloud regional — databases in the region of your choice"), Voicepoint Xenon ("Medical data never leaves Switzerland").

4. If ISO 27001 is listed, check the certificate scope.

ISO 27001 certification has a documented scope — the certificate names which products, locations and data flows are covered. A vendor with an ISO 27001 certificate that covers "corporate operations" but not "the clinical-scribe product" is not actually giving you a security-audited scribe. Ask for the certificate (it's a public document; auditors publish them on registries).

5. The training-on-customer-data position is its own checklist.

None of the four certifications above address whether the vendor trains its models on your data. This is a separate contractual question that has emerged as a meaningful differentiator. The strongest disclosure patterns are tools that state explicitly: Nabla ("We don't train our models on your data"), Stenoly, Tandem Health ("Your data is never used to train AI"), Twofold Health, Mentalyc ("Your data is never used to train AI models"). The weakest pattern is silence on the topic.

What we'd ask in a procurement call

Six questions that cut through the marketing layer:

  1. Can I see your SOC 2 Type II report (or the Type I report if Type II isn't complete yet)? — under NDA if needed. The presence or absence of the report tells you whether the audit is real rather than branding.
  2. What is the ISO 27001 certificate scope? — name the specific product covered.
  3. Where physically is the audio stored, and where is the transcript stored? — these can be different regions; both matter.
  4. Is the BAA included in the standard plan, or only enterprise? — relevant for US tools.
  5. Do you use customer data to train models, fine-tune models, or generate evaluation datasets? — these are three different policies; vendors sometimes deny "training" but acknowledge the other two.
  6. What is your audio retention default, and how is it configured? — "deleted post-transcription" is the floor; anything longer needs justification.

A vendor that answers all six cleanly is at a different maturity level from one that pivots to a feature pitch when you ask.

The three-tool list, restated

If you want the short version: Nabla, Corti and Sully.ai are the three ambient AI medical scribes in our catalog that publicly enumerate HIPAA + SOC 2 Type II + GDPR + ISO 27001 today.

For Europe-only deployments, Tandem Health ships a broader regulatory stack with the explicit HIPAA absence — and that's the right trade for an EU/UK practice. For Switzerland-only, Haidy and Voicepoint Xenon are the credible Swiss-resident choices.

Everything else — the other 28 tools — ships fewer than four. That doesn't make them bad products; some are excellent. It does mean they have a specific compliance gap your procurement team will discover, and you should know what it is before they do.

The full per-tool list with verified compliance fields is on the methodology page and on each individual tool review.
