Transcription and Subtitling of Confidential Materials – How Data Security Is Ensured

Meeting recordings, witness hearings, healthcare interviews, corporate earnings materials – materials processed for transcription and subtitling often contain highly confidential information. Even so, many organisations send their files to services whose data security practices are not clearly known. In this blog post, we go through what data security factors you should consider when choosing a transcription or subtitling service – and how we at Spoken have addressed them.

Why is data security so important in transcription and subtitling?

Audio and video materials intended for transcription and subtitling are exceptionally sensitive by nature. Unlike, for example, text meant for translation, audio and video recordings often contain identifiable voices, confidential discussions and information that is not intended for public use. Typical examples of confidential materials include witness hearings in legal proceedings, patient interviews and studies in healthcare, board meeting materials and advance earnings information of companies, as well as defence sector materials.

If such material ends up in the wrong hands or leaks during processing, the consequences can be serious – legally, financially and reputationally.

What should you ask a service provider?

When comparing transcription and subtitling services, evaluating data security is not always easy. Here are some concrete questions worth asking:

Where is the data stored and processed? Find out where the material is geographically stored and processed. For organisations operating in the EU, it is often important that the data remains within the EU to meet GDPR requirements.

Who has access to the material? Is access restricted only to the people working specifically on your project? Or is your material accessible to a wider group?

Have confidentiality agreements been signed with staff? This applies both to the provider’s own employees and to any freelancers.

How is the material delivered and returned? Does the material travel through a protected connection throughout the entire process?

How long is the material retained? Are the files deleted automatically after a certain period?

What about AI-based services – where is the data routed? Many AI transcription services use third-party APIs, which may result in audio material being processed outside the EU or being used to train models.

How data security is organised at Spoken

From the very beginning, we have built our operations so that the confidentiality of our clients’ materials is protected at every stage.

A proprietary system in the EU. Spoken has its own transcription and subtitling system, developed together with a software partner and built in a Google Cloud environment located in the EU. All material – including data processed in AI transcription and subtitling – remains entirely within this system. We do not use third-party APIs to which materials would be sent outside our environment.

Restricted access. Only the project assistant working on the assignment and project management personnel have access to the client’s material. Transcribers and subtitlers work directly in the browser-based Spoken TOOL system, so there is no need to download the material to a local computer.

Automatic deletion. Client material is automatically deleted from the system three months after completion.

Confidentiality agreements. All our employees and freelancers have signed confidentiality agreements. All projects are always treated as confidential.

Secure delivery. Material is delivered to Spoken directly through our system using a secure upload form. Links to the completed material are returned to the client by SSL-protected email, or the files can be downloaded directly from the client account, which is accessed with personal credentials.

GDPR-compliant processing of personal data. We collect only the personal data necessary for customer relationship management and invoicing, and client data is handled only by members of company management.

Tailored solutions for demanding security needs. We understand that different organisations have different security requirements. That is why we also offer customised arrangements, such as a designated transcriber or subtitler for a particular client, a separate NDA in accordance with the client’s requirements, and a shorter-than-standard retention period for materials. This ensures that our service also meets the most demanding data security needs.

AI transcription does not mean compromising on data security

One common concern is the data security of AI-based services. In many services, the audio file is sent to the API of an external provider – for example OpenAI or Google – meaning that control over data processing is transferred to a third party.

Spoken’s AI transcription and subtitling operate entirely within our own system. The data is processed and stored at all times in our Google Cloud environment in the EU. This means that even when choosing an AI-based service, you can trust that your material remains secure.

Summary: data security is a selection criterion, not an extra feature

When choosing a transcription or subtitling service, price and delivery time are naturally important factors. But when confidential materials are involved, data security should be one of the first criteria in the selection process – not an afterthought.

Would you like to know more about Spoken’s data security practices or request a quote for the transcription or subtitling of confidential material? Get in touch – we would be happy to tell you more.