Account data (related to your billing) is stored on secure data servers in Austria. Dictations (audio recordings and file attachments such as pictures and documents) are stored regionally on Microsoft Azure servers to comply with legal requirements, enable the quickest access:
- United States: Boydton, Virginia
- Canada: Quebec City
- Europe and South Africa: Netherlands
- Australia and New Zealand: Victoria
Philips SpeechLive has chosen Microsoft Azure as hosting partner for dictations (audio recordings and file attachments), as they are the world’s leading enterprise-level provider of a platform for cloud-hosted solutions.
Microsoft Azure maintains uncompromising security standards and processes to ensure the highest level of data privacy and security. They continuously perform penetration testing and work on threat detection and prevention in areas such as unauthorized intrusion and denial of service.
Microsoft Azure services are highly reliable. Microsoft prides itself in promising a 99.9% uptime guarantee, 24 hours a day, 7 days a week and 365 days a year. Microsoft Azure have a ‘lights out’ policy meaning various measures are in place to protect operations from:
- Power failure
- Physical intrusion
- Network outages
Their data centers are compliant with applicable industry standards for physical security and reliability; managed, monitored, and administered by Microsoft operations staff. Microsoft also states they invested over 1 billion US dollars into their security R&D and have over 3,500 cyber security experts on their team. Microsoft Azure is therefore among the most popular providers worldwide, even for large corporations.
Microsoft supports over 90 global regulations. To ensure they are meeting all security and compliance advancements and requirements, Microsoft is regularly audited and submits self-assessments to third-party auditors.
- ISO/ IEC 27000:2018 Information technology – Security techniques – Information security management systems – Overview and vocabulary
- ISO/IEC 27001:2015 Information technology – Security techniques – Information security management systems – Requirements
- United Kingdom General Data Protection Regulation and Data Protection Act 2018
- FedRAMP High – US Federal Risk and Authorization Management Program (NIST SP 800-53 800)
- FIPS 140-2 – Federal Information Processing Standard
- Security Organization Controls (SOC 1, SOC 2, and SOC 3)
- EU General Data Protection Regulation (GDPR)
- Health Information Trust Alliance (HITRUST)
- National Health Service (NHS) Information Governance (IG) Toolkit (UK)
- Hébergeurs de Données de Santé, HDS
- eHealth Insurance Portability and Accountability Act (HIPAA)
Data security and encryption
Backup and data recovery
Users can create backups of all dictations, to recover them at a later point if necessary. Accidentally deleted dictations can be restored by the account administrator up to 30 days.
Dictations are always created, sent, and stored with industry standard AES 256-bit encryption – in the web app using secure Microsoft Azure environment, in the iOS or Android app on the phone.
Email-based multi-factor authentication (MFA) adds and extra level of security. SpeechLive uses a secure authentication service by Microsoft that prevents security risks such as brute force attacks. The setting can be enforced by the account admin.
Single Sign-on (SSO) Login
Single sign-on reduces the hassle of having to remember more passwords. When activiated, it allows users to log into multiple applications through a single set of credentials. Users can use their Microsoft credentials to easily and securely login to all SpeechLive platforms. SSO also simplifies administrators' lives by saving them time when resetting passwords.
Dictations can only be viewed by authorized owners and with a user name and password. User management and backup is only available for administrators (not all SpeechLive users).
Payments are processed by our payment providers Unzer and authorize . net that both meet Payment Card Industry Data Security Standard (PCI DSS) compliance to ensure that payment information is processed, stored, or transmitted in a secure environment.
Dictations sent to the SpeechLive transcription service are processed by carefully selected external partner agencies and then sent through encrypted https to their secure servers. Dictations are deleted after transcription and not saved on the partner servers.
All audio files sent to our speech-to-text engine are sent securely through an encrypted channel. We use both https for client to server, and server to server communication. Transcriptions are sent via a secure SignalR https connection.
The speech recognition engine uses the highest-security standards servers in the US and EU.
If you are using the desktop or mobile app for our speech-to-text service, no audio or text is saved on our servers. The audio and text files simply pass through our servers. If you are using the web version, both your audio and the transcription are saved temporarily during the speech recognition and then deleted automatically. The files are saved in an encrypted format in your SpeechLive account, for your access only.
As part of our strict vendor management policy, we only cooperate with industry-leading service providers. Each new vendor undergoes an extensive security audit before they we incorporate them in our activities. This way we can ensure the highest security and compliance standards are met.
Personnel access security
Personnel access security
All personnel with access to users’ files must undergo a special security training and sign a non-disclosure agreement (NDA). This NDA serves to protect the confidential and personal data Speech Processing Solutions entrusts to its employees.
Trained personnel only
Only trained personnel have access to the system for maintenance, support, and further development.
All trained Philips personnel who have access to users’ files interact with this data securely, using a device with relevant access control procedures.
We use a VPN connection to ensure employees which can have access to sensitive data can do this safely from our corporate network from multiple endpoints.
All computers of Philips personnel are monitored with antivirus, disk encryption, automatic device blocking and security patches.