Privacy + Security

The Importance of Confidentiality: “Information Seepage”

In many fields, information security is extremely important. We have responded to questions about how we handle confidential materials from many different corporate clients, researchers in academia, authors in pre-publishing, government agencies. The content may be legally sensitive, valuable information in the market, subject to academic council standards, or simply private. Dealing with the need for information security is fairly straightforward and simple. At the Scribe Collective, everybody has a contract that stipulates how all content that they come into contact with remains under control of the company and its clients, and cannot be disclosed at any time. Furthermore, we have a standard NDA available for clients to sign, which similarly disallows us as a company from releasing your content in any way into the public domain.

When it comes down to it, confidentiality should be an easy no-brainer. In reality, it’s shocking how often we encounter indifference to information security, either from our clients or companies that refer work to us. Often the laxity is introduced by middleman agents who seem to have little concern for the integrity of their own clients’ data. There have been numerous instances when we have worked with content we would have considered extremely sensitive and had not even been asked to sign a standard NDA. While Scribe Collective keeps a tight control over content regardless of what agreements have been put in place, this rampant complacency in the industry has contributed to what I call “information seepage.”

Releasing content to third parties such as transcription agencies represents a potential weak link for any sensitive information. A company that allows research notes to be transcribed by low-cost overseas companies should be prepared to deal with not only a low quality end product, but also the potential release of that information into an unsecured environment. This rarely occurs with malicious intent, but simply ignorance of what should be standard operating practices.

We once did extensive transcription of a large international corporation’s upper management seminar. This conference was littered with important financial information, much of it not publically available. At one point, the CFO gives a half-hour update of their financial position and a preview of their earnings report. The crowd is advised that, because they are in the room hearing this, they are now considered to be insiders and cannot buy or sell the company stock for six months or else face criminal charges by the SEC. It was inconceivable that not a single person involved in turning this work over to us to be transcribed even thought to mention a nondisclosure agreement. Similarly, we have handled legally sensitive information and government work without hint of an NDA. Recently, we have even begun to request one be signed with certain clients in order to protect ourselves as much as them. In a world where potential information leaks are popping up everywhere, we would prefer not to be one.