Re-watching a consultation is useful for both the patient and the consultant. As far as I know (I did some consulting work for them), the data is encrypted and not accessed for any other purpose.
As far as I know (I read the article), the recordings were made available to random users due to a fault in the backend side. Whatever encryption and access control they are using is totally bogus.
I can see why there is a benefit to the patient of being able to check back in to listen to something again.
It might be encrypted, but it appears that encryption was ineffective (i.e. the API or application has access to the keys), since a user was able to access others' recordings. To me that's the big problem with everyone claiming to be "encrypted" - Dropbox was also encrypted back when they forgot to check user passwords for a few hours and anyone could log in "as you".
