Local AI for Psychotherapy: §203 StGB, Highest Confidentiality, RAG

Editorial note: The information in this article was compiled to the best of our knowledge at the time of publication. Technical details, prices, versions, licensing terms, and external content may change. Please verify the information provided independently, particularly before making business-critical or security-related decisions. This article does not replace individual professional, legal, or tax advice.

AI in the therapy practice without risking confidentiality? We build local, §203-compliant AI on your hardware - see AI for psychotherapists and AI for confidentiality professionals, or book an initial consultation.
Session documentation, reports to assessors, structuring histories - after every hour there is writing to do, and AI can save a lot of time here. The problem is not the AI but where the data flows. Therapy content is among the most sensitive data of all - entering it into cloud AI is regularly a breach of psychotherapeutic confidentiality.
The good news: there is a clear, legal path. It runs through local AI that never leaves the practice - turnkey, even without your own IT team. This article frames the legal situation, shows the permitted operating models, and explains how we build a RAG pipeline on your practice knowledge.
Table of contents
- The legal situation in 2026: §203 StGB and GDPR Art. 9
- Why cloud AI becomes a risk for therapy practices
- Operating models for therapy-practice AI
- The RAG pipeline: components step by step
- Connecting multiple knowledge sources securely
- How we work at WZ-IT
- Further guides
The legal situation in 2026: §203 StGB and GDPR Art. 9
Psychotherapeutic confidentiality is criminally sanctioned via §203 StGB. The norm names psychological psychotherapists as well as child and adolescent psychotherapists explicitly. Therapy content gives intimate insights into patients' psychological state - it is therefore subject to a particularly high level of protection. Health data is additionally specially protected under Art. 9 GDPR; processing it generally requires explicit consent.
When external AI providers are engaged, §203 (3) s. 2 StGB applies: a participating person may have secrets disclosed to it only to the extent necessary, and that person is itself criminally liable under §203 (4) StGB. We therefore commit to confidentiality in text form (§126b BGB) and are instructed about the criminal consequences of a breach.
The DPA under Art. 28 GDPR only governs data protection, not the criminally sanctioned confidentiality - both layers must be satisfied. From 2 August 2026, transparency obligations of the EU AI Act for deployers also apply (as of June 2026, European Commission). This article is general information and not legal advice.
Why cloud AI becomes a risk for therapy practices
For hardly any other profession is cloud AI so problematic:
- Maximum sensitivity. Therapy content is health data of the most intimate kind. Any transmission to third-party servers is a considerable risk.
- The subprocessor chain. An AI provider itself uses subprocessors (Azure, AWS, and others). Each would have to be bound - not practically feasible.
- The CLOUD Act. US providers are subject to the US CLOUD Act; an EU region does not protect as long as a US parent company stands behind it.
With local AI in the practice the cloud risk disappears: the data does not leave the room. Because we retain maintenance access, we remain a participating person - which is why we supply the §203 contract package for the build and maintenance phase.
Operating models for therapy-practice AI
For a single or small group practice the solution is deliberately kept simple:
- On-premise appliance (AI Cube). A turnkey, quiet AI box in your practice - pre-configured, without your own IT team, fully offline (air-gapped) on request. Ideal for a single practice.
- Dedicated GPU server or LLM hosting. For larger training institutes or MVZ with several practitioners.
- Managed fallback. If you do not want to operate your own hardware, you can have AI run in our EU infrastructure - with a short, controllable provider chain.
In all models only open-source building blocks are used (no vendor lock-in), and the §203 contract package is standard. More on the cross-industry framework under AI for confidentiality professionals.
The RAG pipeline: components step by step
The real value comes not from a bare language model but from Retrieval-Augmented Generation (RAG): the AI answers questions from specialist literature and your own templates instead of from generic training knowledge - with source references. This is how we build the pipeline (more under Custom RAG):
- Ingestion. Documents are read in (guidelines, specialist literature, templates) and normalised.
- Chunking. Content is split into meaningful sections, oriented around context.
- Embeddings + vector database. Each section is translated into a vector and stored in a vector database (Qdrant).
- Retrieval and re-ranking. For a query, the most relevant sections are retrieved and sorted by re-ranking.
- Generation. A local model (Ollama or vLLM) formulates the answer - based solely on the retrieved passages, with source references.
- Observability and quality. With Langfuse we measure quality and make answers traceable.
We run exactly this stack ourselves: our AI offer finder on wz-it.com is a production RAG system on Qdrant, LiteLLM/Mistral and Langfuse.
Connecting multiple knowledge sources securely
We connect multiple knowledge sources into the same RAG pipeline - with enforced access rights:
- Your own templates. Structures for session and progress documentation and reports to assessors.
- Specialist literature and guidelines. Where permitted by licence, as a RAG source.
- Internal knowledge base. Practice know-how and workflows searchable from one place.
Session content itself stays local and is never used for training. Through access rights, every query only sees the sources it is allowed to see.
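The retrieval step of the pipeline above, with the access rights enforced inside the vector search rather than after it, as an added example that is not WZ-IT's code. Term-frequency vectors stand in for the embedding model, an in-memory list stands in for Qdrant, and the corpus (templates, a guideline, session notes restricted to the therapist role) is constructed for the demonstration.

```python
import math
import re
from collections import Counter

# Added example, not WZ-IT's code. Term-frequency vectors stand in for an
# embedding model and an in-memory list stands in for Qdrant; the shape
# (ingest -> chunk -> embed -> ACL-filtered search with sources) is the point.

def chunk(text, max_words=12):
    """Split a document into fixed-size word windows (simplified chunking)."""
    words = text.split()
    return [" ".join(words[i:i + max_words]) for i in range(0, len(words), max_words)]

def embed(text):
    """Normalised term-frequency vector; stand-in for a real embedding model."""
    counts = Counter(re.findall(r"\w+", text.lower()))
    norm = math.sqrt(sum(n * n for n in counts.values())) or 1.0
    return {t: n / norm for t, n in counts.items()}

class VectorStore:
    def __init__(self):
        self.points = []  # each point: vector, chunk text, source name, allowed roles
    def ingest(self, source, text, roles):
        for c in chunk(text):
            self.points.append({"vec": embed(c), "text": c, "source": source, "roles": frozenset(roles)})

    def search(self, query, role, k=3):
        """Apply the access filter before ranking: chunks the role may not read
        never become candidates, so they cannot leak via scores or citations."""
        q = embed(query)
        allowed = [p for p in self.points if role in p["roles"]]
        score = lambda p: sum(w * p["vec"].get(t, 0.0) for t, w in q.items())  # cosine
        ranked = sorted(allowed, key=score, reverse=True)
        return [{"text": p["text"], "source": p["source"]} for p in ranked[:k]]

def build_demo_store():
    """Constructed sample corpus; session notes are readable by the therapist role only."""
    store = VectorStore()
    store.ingest("templates", "Template progress documentation: structure the session by "
                 "topic, intervention, patient response and next steps.", ["therapist", "assistant"])
    store.ingest("guideline", "Guideline: exposure therapy for anxiety disorders is first-line; "
                 "document progress each session.", ["therapist", "assistant"])
    store.ingest("session_notes", "Session notes patient A: reported anxiety at work, discussed "
                 "exposure plan, mood improved.", ["therapist"])
    return store

def cited_sources(store, query, role):
    """Sources the generation step may cite for this query and role."""
    return [hit["source"] for hit in store.search(query, role)]
```

An assistant-role query about the documentation template is answered from the template and guideline only; the same query from the therapist role may also surface session notes, which is the behaviour the paragraph above describes.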
How we work at WZ-IT
We deliver practice AI as a lifecycle, not as a device purchase:
- Advise and design. A short workshop, sizing and the §203 contract framework - kept lean for a single practice.
- Build and integrate. Turnkey setup of the AI Cube, RAG on your templates, confidentiality obligation plus DPA.
- Operate and maintain (optional). Updates and curation as a contract - or you use it yourself after a short briefing.
The operational contract texts are drafted by qualified professionals; this article does not replace case-specific legal advice.
Further guides
- AI for psychotherapists - the solution page with use cases and hardware options.
- AI for confidentiality professionals - the cross-industry §203 framework (also for medical practices and hospitals).
- Custom RAG - how we build RAG pipelines end to end.
- AI hub - local AI infrastructure, LLM hosting and RAG at a glance.
Ready for AI that protects your patients? We build it locally, §203-compliant and turnkey. Book your initial consultation now.
Frequently Asked Questions
Answers to important questions about this topic
Yes. §203 StGB lists psychological psychotherapists as well as child and adolescent psychotherapists explicitly as professions bound to confidentiality. Therapy content is especially worthy of protection; its unauthorised disclosure is a criminal offence.
Therapy content is among the most sensitive data of all and is specially protected under Art. 9 GDPR. Entering it into public cloud AI is regularly a breach of §203 StGB and data-protection law. Local processing here is not a convenience but the clean solution.
No. The data processing agreement under Art. 28 GDPR only governs data protection. Psychotherapeutic confidentiality (§203 StGB) applies additionally. Anyone engaging a service provider must bind it in text form under §203 (3) s. 2 StGB and warn about the criminal consequences.
For processing health data, Art. 9 GDPR generally requires explicit consent, with written form recommended. With local AI the circle of people involved stays small and the data does not leave the practice.
No. We deliver a turnkey single-seat solution. The AI Cube is pre-configured as an appliance; you do not have to operate a server or maintain an IT team.
Yes. For a single psychotherapy practice, the AI Cube as a quiet, local appliance is sufficient - fully offline (air-gapped) on request.
Retrieval-Augmented Generation combines a language model with a searchable knowledge base. The AI draws answers from specialist literature, guidelines and your own templates - with source references. Session content stays local.
Entry runs via the AI Cube at a fixed price - ideal for a single practice. Recurring costs only arise with optional maintenance - no cloud subscription. The initial consultation is free.

Written by
Timo Wevelsiep
Co-Founder & CEO
Co-Founder of WZ-IT. Specialized in cloud infrastructure, open-source platforms and managed services for SMEs and enterprise clients worldwide.