What Zero Data Retention Actually Means
"Zero data retention" means the AI vendor does not store, log, or use submitted records after the session ends. Records are processed in memory and discarded when the session closes. Nothing persists on vendor servers, and submitted data is not used to train or refine models.
That definition sounds clean, but the practical boundaries matter. A vendor can claim zero retention while still logging metadata: file names, session timestamps, query text, or error logs. A vendor can also pass data to subprocessors who operate under different terms. Marketing language like "we don't store your data" tells you nothing about what happens during transit, what the subprocessors do, or whether session logs count as "data" under the vendor's own definitions.
The only way to know what a vendor actually does is to read the data processing agreement (DPA) or business associate addendum (BAA), not the privacy policy. Privacy policies describe general practices. DPAs create contractual obligations.
The Privacy Framework Governing Veteran Records
Veteran records held by VA are subject to the Privacy Act of 1974. The Act restricts how federal agencies collect, use, and disclose personal information maintained in systems of records. VA publishes System of Records Notices (SORNs) in the Federal Register identifying what information is collected, for what purpose, and under what conditions it can be shared.
Privacy Act of 1974; 38 CFR § 1.582[1]One routine use permits disclosure to accredited attorneys, agents, and VSO representatives acting under a declaration of representation, but only for information relevant to the claim.
Privacy Act of 1974[2]That routine use authorizes the representative to access the records. It does not authorize the representative to hand those records to a commercial AI vendor for processing. Uploading a C-file or medical records to a third-party platform is a disclosure of protected information. Whether that disclosure is lawful depends on whether the veteran consented or a statutory exception applies. Neither is automatic.
VA's own privacy principles require that personal data be protected by safeguards appropriate to ensure security and confidentiality, and that access be limited to those with an official need.
VA Privacy Program[3]A commercial AI vendor generally has no official need. The firm is the one creating it, and the firm is responsible for the consequences.
Access Rules Under 38 CFR §§ 1.600–1.603
VA's regulations at 38 CFR §§ 1.600 through 1.603 govern who may access veteran records through VA IT systems. Access is limited to individuals accredited under 38 CFR § 14.629 as attorneys, agents, or VSO representatives, and only for claimants for whom they hold valid POA under 38 CFR § 14.631.
38 CFR §§ 1.600–1.603[4]The 2022 final rule implementing these provisions made clear that access privileges exist solely to retrieve records for a represented claimant under applicable privacy laws. The rule was grounded in 38 U.S.C. § 5904(a)(2), which directs VA to set qualifications and conduct standards consistent with ABA Model Rules.
38 U.S.C. § 5904(a)(2)[5]These rules define who can access records inside VA systems. They do not directly govern what an accredited attorney does with records after downloading them. But the policy underlying the rules, limiting access to those with legitimate representation roles and a demonstrated need, informs how firms should think about downstream disclosure to vendors.
A firm that pulls a C-file from the Veterans Benefits Management System (VBMS) and uploads it to an AI tool with no contractual data protections has moved records from a controlled federal environment into an uncontrolled one. The access was lawful. What followed may not have been.
Professional Conduct Obligations When Using AI on Case Records
VA's standards of conduct require VA-accredited attorneys to provide competent representation and act with reasonable diligence and promptness.
38 CFR § 14.632[6]Competent representation under § 14.632 includes "the knowledge, skill, thoroughness, and preparation necessary for the representation," and attorneys remain bound by the rules of professional conduct of any jurisdiction in which they are licensed. Most state bar ethics guidance on AI tools converges on the same point: competence includes understanding how the tools you use handle client information.
If an attorney uses an AI tool to analyze a C-file and that tool retains the records, logs the queries, or trains on the submitted data, the attorney has exposed protected client information without authorization. That is a conduct problem independent of whether any Privacy Act violation occurred.
VA may suspend or cancel accreditation for conduct violations and may report those actions to bar associations, courts, or other agencies.
38 CFR § 14.632[7]The firm operator's job is to ensure that every tool in the workflow has been reviewed against these obligations before staff use it on real records.
Paralegals and Support Staff
Paralegals may assist in claim preparation under direct attorney supervision, but only with the claimant's written consent. That consent must name the paralegal specifically and authorize access to applicable VA records.
38 CFR § 14.629[8]When a paralegal uses an AI tool as part of that supervised work, the data handling obligations that apply to the attorney extend to that tool. The tool is an extension of the paralegal's work product preparation. If the tool does not meet the firm's data protection standards, the paralegal should not be using it on those records.
What to Review in a Vendor's Data Processing Agreement
A DPA or BAA is the contract that governs what a vendor can do with data you submit. Before deploying any AI tool on veteran records, firms should verify the following terms in writing.
Retention commitment. The DPA should state explicitly that submitted data is not stored after the session ends. "We do not sell your data" is not a retention commitment. Look for language that specifies in-memory processing, automatic deletion on session termination, and no persistent storage of submitted content.
Subprocessor disclosure. Most AI vendors route requests through third-party infrastructure: cloud providers, model APIs, or monitoring services. The DPA should list subprocessors and confirm they operate under the same data terms. A vendor with strong retention commitments who passes data to an uncontrolled subprocessor has a gap in coverage.
Model training restrictions. Some vendors use submitted data to improve their models. The DPA should prohibit this explicitly for data submitted under the firm's account. Look for language excluding customer data from training, fine-tuning, or evaluation pipelines.
Breach notification timelines. VA's own privacy program requires reporting actual or suspected privacy incidents within one hour of discovery.
VA Privacy Program[9]Your vendor contract should specify notification timelines that give the firm time to meet its own reporting obligations. A 72-hour vendor notification window does not work if the firm faces a one-hour requirement.
Scope of authorized use. The DPA should limit the vendor's use of submitted data to the specific service being provided. Broad license language granting the vendor rights to "improve, develop, or enhance" services using submitted data is a red flag.
Reading a DPA takes time. But the firm is the one holding POA and the one whose accreditation is at risk. The vendor has no VA accreditation to lose.
Consent Language and Engagement Agreement Considerations
Current engagement agreements at most VA disability firms were written before AI tools became a standard part of case preparation. That creates a gap.
The Privacy Act's routine use provision that authorizes disclosure to accredited representatives presumes the representative is using the information to assist the claimant, not that it will be processed by a third-party platform. Whether using an AI tool falls within that routine use or constitutes a separate disclosure requiring consent is not settled. Firms should not assume the answer is favorable.
At minimum, engagement agreements should disclose that AI tools may be used in record analysis and case preparation, identify the category of tool (not necessarily the specific vendor), and obtain the claimant's consent to that use. Some firms are adding a separate AI use disclosure as part of intake. That approach creates a clear record if a question arises later.
VA's own privacy policy states it will not disclose personal information to third parties without consent, except when necessary to complete a transaction or authorized by law.
Privacy Act of 1974[10]The firm is not VA, but the principle is the same. A clear consent framework before you process records through a third-party tool is better than arguing about implied authorization after the fact.
Breach and Incident Response Obligations
If a vendor has a data incident involving veteran records, the firm is in the information chain. The firm collected the records under a POA, disclosed them to the vendor, and is the entity with a direct relationship to the veteran.
VA's own requirement is reporting within one hour of discovering an actual or suspected privacy incident.
VA Privacy Program[9]That standard applies to VA internally, not to private firms. But it signals how seriously VA treats incident timelines. Firms should check whether their own state bar ethics rules impose breach notification obligations when client data is exposed. Many do.
The practical risk is this: a vendor breach involving veteran records could trigger notification obligations to affected veterans, to VA, and potentially to state regulators, depending on the nature of the data and the jurisdiction. If the firm never audited the vendor's data terms, it has no contractual basis to demand prompt notification, no incident response playbook tied to the vendor relationship, and no documentation that it exercised reasonable diligence before exposing the records.
Vendor agreements should specify the notification window, designate a contact, and require the vendor to cooperate with the firm's response obligations. If the vendor will not agree to those terms, that tells you something.
Related guides
Common questions
What does zero data retention mean for AI legal software?
Zero data retention means the software vendor does not store, log, or use submitted records after the session ends. The records are processed in memory and discarded. Firms should confirm this in the vendor's data processing agreement, not just its marketing copy.
Is it a Privacy Act violation to upload veteran records to an AI tool?
Uploading veteran records to a third-party AI platform is a disclosure of protected information. Whether it violates the Privacy Act depends on whether consent was obtained or a lawful exception applies. Firms should review consent language and vendor agreements before use.
Does VA require firms to get veteran consent before using AI on their records?
VA rules require veteran consent for support staff to access records under 38 CFR § 14.629. Whether that extends to AI tools used in case preparation is unsettled, but firms relying on AI for record analysis should review their consent and engagement agreements.
What should a firm look for in an AI vendor's data terms before using it on C-files?
Look for explicit zero retention commitments, a list of subprocessors, breach notification timelines, and whether the vendor trains models on submitted data. A privacy policy alone is not enough. Review the data processing agreement or business associate addendum.
Can a paralegal use AI tools to review veteran records?
Paralegals may assist in claim preparation under direct attorney supervision with written veteran consent, per 38 CFR § 14.629. If a paralegal uses an AI tool as part of that work, the same data handling obligations that apply to the attorney extend to the tool.
See how Pete keeps VA records tied to the case
Pete keeps C-file records, cited workups, readiness blockers, and attorney review together in the case file. Review the data handling terms before processing sensitive records.
Citations
- VA Privacy Act SORNs (Privacy Act of 1974; 38 CFR § 1.582)
- Federal Register – VA Privacy Act System of Records (Sept. 15, 2025) (Privacy Act of 1974)
- VA Privacy Principles (VA Privacy Program)
- 38 CFR §§ 1.600–1.603 (38 CFR §§ 1.600–1.603)
- Federal Register: VA IT System Access Final Rule (June 24, 2022) (38 U.S.C. § 5904(a)(2))
- 38 CFR § 14.632 (38 CFR § 14.632)
- VA Standards of Conduct – OGC (38 CFR § 14.632)
- 38 CFR § 14.629 (38 CFR § 14.629)
- VA Privacy Program Plan (VA Privacy Program)
- VA.gov Privacy Policy (Privacy Act of 1974)
