GDPR was enshrined in law from May 2018 and is commonly the time that many organisations review their Data Protection and Security & Information policies, in order to ensure that they keep in line with current recommendations from the ICO and NCSC. [National Cyber Security Centre].
Transcription services companies need to operate in a secure manner, since they handle personal data in the form of audio and video recordings, which may contain confidential, sensitive information that needs to be kept safe.
Here we list five updates that Transcribe It have made to enhance our security even further.
Secure Online Platform and 2FA
Clients need to be assured that the cloud solution their transcription services provider offers minimises risk throughout the whole process, from uploading recording, through transcript production, to data storage.
In 2022, Transcribe It have partnered with Huddle for our online client portal solution, to upload recordings and share transcripts. This allows clients to upload securely into the cloud, guaranteeing UK data sovereignty, with data encrypted in motion with high-grade SSL. Meets all requirements for UK Government cloud computing security controls, including vulnerability scanning and incident monitoring.
Two-factor authentication (also known as 2FA) is utilised on Huddle, you sign into your account using two passwords or codes; one that you know, and the other usually sent to your phone.
Data Storage Retention
Storage limitation is one of the most important principles of GDPR. Organisations should identify the minimum amount of personal data they need to fulfil their role, and no more.
In 2022, Transcribe It has reviewed the length of time that recordings and transcripts are stored.
As a transcription services supplier, we fulfil our role by transcribing a recording and producing a transcript. We have NO NEED to store a client’s recordings for longer than it takes to produce that transcript, so recordings will be permanently deleted within 24 hours after a client has confirmed receipt of the transcript.
Secure Online Transfer
The ICO states: Encrypting personal data whilst it is being transferred from one device to another provides effective protection against interception of the communication by a third party whilst the data is in transfer.
Transcribe It has reviewed the method of sharing transcripts with clients. Email is not a secure platform for transferring data and whilst clients are offered the option to use Egress encrypted email, our preferred method is to securely transfer from our platform, over the cloud.
Combine three random words to create a password that’s ‘long enough and strong enough’.
Enforcing complex password requirements onto staff is a poor defence against guessing attacks, since our minds struggle when we use unpredictable patterns. By using a password that’s made up of three random words, you’re creating a password that will be ‘strong enough’ to keep the criminals out, but easy enough for you to remember
Transcribe It now instructs all members of the transcription team to use the three random words method, where it is possible to do so.
Cyber Essentials is an effective, Government backed scheme that will help you to protect an organisation, whatever its size, against a whole range of the most common cyber attacks.
In 2022, Transcribe It will be asking all members of our transcription team to undertake Cyber Essentials training, provided by the NCSC.
So don’t take risks with your valuable data. Transcribe It is the UK’s longest established transcription services provider, we have been in business since 1992.
Please use our contact form or call on 01992 445411 to discuss how we can help with your transcription needs.