Who is Transcribing Your Audio? A Checklist for Protecting Your Data When Using Transcription Services in 2019
When you outsource tasks, you effectively bring on a new member of staff — just for a short period of time.
Transcription services are no different.
Like when you hire someone new, you need to think about who you are bringing into your team. If you trade in sensitive material, this becomes critical to your operational security.
For many businesses and individuals, they trust their most sensitive material to transcription firms assuming that their secrets will stay safe and their data protected.
Unfortunately, things aren’t that simple. Cybercrime and corporate theft are on the rise. Hackers attack every 39 seconds. All businesses need to take every precaution they can. Whenever you share data with external parties, your sensitive information, trade secrets and your reputation are on the line. Ensure that you know exactly who has access to your data.
This is your guide to getting a secure transcription service in 2019, starting with who is transcribing your audio.
Who is Transcribing Your Audio? The Root of Secure Transcription Services
This might seem like an odd place to start. In a high-tech age, people think about cybersecurity first when discussing data protection. Equally, relying on company reputation might seem good enough when contracting with transcription firms. However, it is worth thinking about the exact person who is assigned to your transcript, the transcriptionist.
A lot of transcription services outsource their transcriptionists to dispersed networks of freelancers. By itself, this adds additional strain to any centralised control over your data. What causes greater problems is when these networks of freelancers are outsourced offshore.
Using offshore services is not a rare occurrence in the transcription industry. Many teams that rely on remote workers will employ workers from around the world. Offshore transcription can be cheaper due to reduced operating costs. However, those lower costs may be accounted for, in part, by fewer regulations on privacy and information protection. Overseas transcriptionists may not be aware of the data protection laws you rely on. Even if they are, enforcing multiple policies from different nations can simply be too much work. For that reason, it’s prudent to avoid this if data security is a high priority.
Removing the Human Altogether — ASR and Speech-to-Text Software
Some might assume that using automated speech-to-text, or ASR (automatic speech recognition) software is a more secure option, because there’s no human input involved. However, that’s not necessarily true.
Transcription service providers using ASR software may have access to your recordings for product development purposes. They want to ensure the software is working as intended in a variety of different circumstances and, as such, often borrow recordings of customers instead of performing their own in-house tests. You then don’t know which employees of that vendor have access to your recordings or whether or not they might outsource these assessment and development tasks to companies you’re entirely unaware of. You don’t know where those people will be located, or even where the servers are that your data is stored on.
Not all ASR vendors are going to necessarily put your data at risk, but it helps maintain your peace of mind if you know who, exactly, has access to your data. ASR or human-driven, the assessment of what makes a secure transcription service is broadly unchanged regardless of these distinctions.
What Should You Be Checking For in a Transcription Service?
When looking for quality transcription services, people often limit their enquiries to the company with which they are contracting — investigating transcription rates, turnaround times, high-quality promises of detail and customer reviews.
But you should also be thinking about the reliability of the transcription service and whether they enforce security policies to ensure your data is protected. Beyond what we have already mentioned, here is your 4 point checklist for picking the secure service that you need.
- ISO Accreditations: These are sets of independent accreditations setting international standards of best practice across a wide range of different industries. Companies only receive ISO accreditations after they have been through third-party assessments and proven themselves to have attained a rigid standard of professionalism and best practice.
In particular, you should keep an eye out for ISO 9001, that highlights good standard business management practices, and ISO 27001, which demonstrates proficiency in maintaining benchmark information security practices.
- Data encryption: Although companies that have their ISO 27001 accreditations are practically guaranteed to employ data encryption protection, it’s essential to verify this practice for yourself, anyway. Having attained a website security certificate, shown in URLs as “HTTPS” instead of simply “HTTP”, which could be the sign of an unsecured site. Furthermore, they should make use of TLS or SSL encrypted login portals and storage policies.
- NDAs: Also known as a non-disclosure agreement, this is a legally binding contract that ensures that the service provider or vendor cannot discuss, disclose or share the information you share with them, including the contents of any audio data or transcriptions in their hands or on their servers. Breaching this contract puts them at serious risk of litigation. The most reliable transcription services will offer NDAs on request and make it clear that they are available either on their website or when you get in touch.
- GDPR: Having come into effect as of 25 May 2018, the General Data Protection Regulation is a series of legally enforceable rules that all companies in the European Union are required to follow. Data protection is amongst the most important of those rules, including the full disclosure of whom your information may be shared with, and the option to consent or decline.
If you are subject to the GDPR, you need to make sure that the transcription service you chose clearly outlines their GDPR compliance policy. If GDPR is not a concern of yours, finding transcription service firms that are subject to GDPR compliance means access companies that are held to international best practices. For English transcripts, that means looking for transcription service based in the UK.
How Do You Make Sure That Transcriptionists Meet Your Standards of Security?
You should never assume that your data is safe, you should ensure it. Trustworthy transcriptionist services will clearly display their ISO accreditations and make it clear on the website whether or not they use data encryption, and you can see some of the proof directly in the URL.
However, you should never hesitate to ask about a transcription service’s practices for keeping your data safe. They should already have a policy available that details exactly what efforts they make to secure all client information. If they don’t have one and can’t otherwise show you how they protect their clients, it might be worth looking elsewhere.
You have been reading about how to get secure transcription service outcomes. If you have more questions about how much transcription services cost, how they cater to different industries (including legal transcriptions, medical transitions and market research firms) we have written the Ultimate Guide to Transcription Services just for you!