(no title)

The data in a therapy app can be considered part of a clients medical file and the medical file has various compliance regulations affecting it e.g the data has to be accessible for the organisation for 15+ years.

This has created a structure making E2E almost illegal in some healthcare domains as the policy ensures that the client data can be accessible to future therapists and accessible to the organisation under catastrophic scenarios.

Only the app being E2E enabled is half the picture, the regulation has to either change or the compliance to the regulation by the mental health organisation has to be creatively done to ensure a complaint E2E implementation.

This makes it a bigger, costlier problem than making therapy more effective and hence a ton of hesitation as unfortunately you don't 'need' to do it.