Scope of use

Written to be citable in your own DPIA, supervision log, or professional-body evidence.

Cogent Clinic is a software tool that supports HCPC-registered practitioner psychologists in the United Kingdom with documentation and clinical-practice workflows. It is a practice environment designed around one principle: the clinician is the author of record on every output, and the software helps them write it.

Cogent Clinic is a Class I medical device under the UK Medical Devices Regulations 2002, manufactured and self-certified by Cogent Clinic Ltd, and registered with the MHRA.

Who the product is for

The product is intended exclusively for HCPC-registered practitioner psychologists in the United Kingdom. Its documentation conventions and prompt content are tuned to the seven protected titles on the HCPC Practitioner Psychologist register:

• Clinical psychologists,
• Counselling psychologists,
• Forensic psychologists,
• Health psychologists,
• Educational psychologists,
• Occupational psychologists,
• Sport and exercise psychologists.

The audience has been scoped tightly so that prompts, documentation standards, and modality coverage stay anchored to one professional register. The product may broaden to adjacent registered professions once that work is bedded in.

The product is not intended for use by patients, members of the public, unqualified practitioners, trainees not yet on the HCPC register, or other clinical professions at this stage.

What the product does

The product offers a small set of connected surfaces:

• Document drafting and revision. Structured templates for session notes (CBT, EMDR, CFT, Schema, ACT, integrative), assessment session notes, client-facing formulation letters, supervision summaries, and supervision briefs. Drafts are produced from clinician-provided content and are always subject to clinician review before use.
• Client folders. A longitudinal workspace per client, holding drafts, a treatment-plan record (presenting issues, goals, interventions, next steps), and filing metadata.
• Treatment-plan structuring. A four-section treatment-plan record for each client that the clinician maintains. The product recognises and organises the clinician's own treatment-plan text into the conventional sections; it does not propose formulation content of its own.
• Supervision preparation. A brief format that helps the clinician prepare a case for supervision.
• Live session transcription. In-browser audio capture streamed directly to an EU-hosted speech-to-text service, with UK GDPR transfers covered by the UK Addendum to the EU SCCs and a contractual opt-out from model training and benchmarking on customer audio and transcripts. Audio does not transit the product's infrastructure. The returned text is encrypted on the device and, at the clinician's choice, stored under the client folder as ciphertext inside the UK.
• Folder-scoped reflective-thinking chat. A space to think out loud about a client with the AI. The chat has the folder's plan and recent drafts as context and does not cross folder boundaries.
• Documentation-completeness check. A structural review of a finished draft against a per-document-type checklist. It reports what is missing against the structure of a well-written document of that type; it does not rate clinical quality.

What the product does not do

The AI inside Cogent Clinic does not:

• diagnose a client, even speculatively,
• recommend a treatment, medication, or intervention,
• predict outcomes or infer risk beyond what the clinician has documented,
• interpret psychometric scores against published cut-offs on its own initiative,
• map symptoms or observations onto diagnostic criteria,
• introduce symptoms, observations, or numeric claims that are not in the clinician's inputs,
• act on behalf of the client, the referrer, or anyone else in the clinical relationship.

The architectural boundary the device is built against: it reproduces, reformats, and organises content the clinician has authored or supplied, and it contributes no clinical reasoning of its own.

Out of scope of the registered device

The following features may exist in the wider Cogent Clinic codebase or under the Cogent Clinic brand. They are not part of the registered Class I medical device and are operated under separate arrangements:

• Neurodevelopmental assessment reports (ADHD, autism, and combined types). These features either remain in beta outside the registered scope or are migrated to a separate code path with an in-product notice. The classification reasoning is recorded in the manufacturer's technical documentation file.
• Cogent Witness (expert witness report drafting). A separate product operated under medico-legal regulatory arrangements (CPR Practice Direction 35, Academy of Experts guidance, CJC statement-of-truth requirements).

How identifying content is handled

The product operates on clinician-provided, client-side de-identified content. Names, NHS numbers, phone numbers, email addresses, postcodes, dates, and comparable identifiers are detected in the clinician's browser and replaced with neutral placeholders before any content is transmitted for inference. The reverse mapping is stored on the clinician's device, encrypted with a key derived from the clinician's account password, and is not held on the product's infrastructure.

"De-identification" is the word used in-product because it reads more clearly for clinicians. The formally correct UK GDPR term is "pseudonymisation", because the swap is reversible, but only by the clinician holding the key.

Responsibility for reviewing detected identifiers before generation, for deciding what is appropriate to submit, and for maintaining patient confidentiality under UK GDPR, the Common Law Duty of Confidentiality, and the clinician's applicable professional code, rests with the clinician.

How live transcription is handled

When a clinician uses the live-transcription feature, audio streams directly from the clinician's browser to an EU-hosted speech-to-text service over a short-lived token minted per session. Audio does not transit the product's infrastructure. UK GDPR transfers are covered by the UK Addendum to the EU SCCs (part of the sub-processor's Data Processing Addendum). Cogent Clinic Ltd has opted out of the sub-processor using customer audio or transcripts for model training, benchmarking, or de-identified model development, via the sub-processor's documented opt-out process. The returned text transcript is held in the clinician's browser and, if the clinician chooses, saved under the relevant client folder as ciphertext encrypted with a key derived from the clinician's account password. All stored data, including the ciphertext transcript and audit records, remains in the UK. The product stores ciphertext only and cannot read transcripts.

Obtaining any consent required by the clinician's professional or regulatory framework before using live transcription is the clinician's responsibility.

Residual risk and clinician responsibility

Outputs are generated by a large language model and may contain errors, omissions, or carry forward imprecise detail from the clinician's inputs. The product runs safeguards (server-side identifier scan on every output, client-side round-trip validation against the placeholder map, optional documentation-completeness check) but these reduce, rather than eliminate, the risk that an output needs careful review. The clinician remains fully and solely responsible for the clinical content, accuracy, and appropriateness of any documentation or other artefact derived from the product. The principle that a draft is not part of the clinical record until the clinician has reviewed, edited, and signed it off is the central safety control of the device.

Regulatory status

Cogent Clinic is a Class I medical device under the UK Medical Devices Regulations 2002, as amended, registered with the MHRA. Conformity is self-certified by the manufacturer, Cogent Clinic Ltd. The formal Intended Purpose statement is at /trust/intended-purpose. The Instructions for Use is at /about/instructions-for-use. The manufacturer's vigilance contact is in the in-product About panel under Settings. Adverse incidents involving the device may be reported directly to the MHRA through the Yellow Card scheme at yellowcard.mhra.gov.uk in addition to reporting to the manufacturer.

What this page is for

This page is the version of the intended-use statement a clinician can cite in their own DPIA, supervision log, insurance documentation, or professional-body evidence. If your regulator, DPO, insurer, or supervisor wants a more detailed version, the customer-facing Trust Centre covers security, sub-processors, retention, data-subject rights, and AI principles; the manufacturer's full technical documentation file is available under NDA on request.