Addressing the risks to your dictation files

| Steve Newton

Your dictation files and transcribed documents can be at risk from a variety of internal and external threats, so what should you do to protect them? We look at the role that IT risk management can play.

Addressing the risks to your dictation files

Dictation systems play a pivotal role in the creation of electronic documents – whether this is through the creation of digital files that are subsequently transcribed or via the use of speech to text systems.

Stop for a minute and think of the potential impact to your business if these digital documents were unavailable, perhaps because of a system crash or a natural disaster such as a fire or flood. What effect would this have on your ability to deliver services to your customers or patients? How would this impact the reputation of your organisation?

In essence the role of IT risk management is to understand the potential threats to your IT systems that you need to defend against, assess the probability of them occurring and consider the impact upon your business should they actually happen.

The phases of effective IT risk management

Managing IT risks is a structured process involving the following series of activities:

Identify the potential risks

The first phase focuses on identifying the potential threats to your IT systems and information. These might include a hacker stealing your confidential files or infecting your IT system with a virus. Equally it might be the risk that commercially sensitive information may be mishandled (perhaps because of human error by your staff) or fall into the hands of those who shouldn’t have access to it.

Assess and rank the risks

Once the specific types of risk have been identified, you can then determine the likelihood of each occurring along with their potential consequences. Typically, the risks and the associated impacts are quantified as being high, medium, or low.

Develop response plans

During this step, you should assess your highest-ranked risks and, in general terms, decide how you might best avoid them. While the complete elimination of all risk is rarely possible, a risk avoidance strategy is designed to deflect as many threats as possible in order to avoid the costly and disruptive consequences of a damaging event.

Mitigate against the risks

Having identified the greatest threats to your IT systems you then need to put specific actions or solutions in place to counter these. From an IT perspective this might include using anti-virus software, anti-spyware protection and firewalls, regularly updating software to the latest versions, securing passwords and using two factor authentication to guarantee user identity.

The other key aspect of IT risk management is developing a business continuity plan. This will enable your business to continue to function and recover quickly from unexpected events that might disrupt your IT systems such as a freak storm rendering your IT systems inoperable.

The key principles of business continuity planning should be to prevent any loss of data, minimise as far as possible any impact on your service levels to customers and ensure that you revert back to ‘business as usual’ as quickly as possible.

The benefits

Effective IT risk management can deliver a wide range of benefits to your organisation, from both an IT and a wider business perspective.

On the IT front it ensures that the risks to your IT systems and services are identified in a structured manner, and the implications of these are fully understood.

Perhaps more importantly from a business perspective, it is reassuring to your customers and confirms that you take the continuity of your services to them seriously. Furthermore, it can assist in addressing specific regulatory requirements for continuity planning that exist in certain industry sectors such as financial services.

One final point to note - it’s not just your own on-premise systems you need to consider in terms of the risks your organisation faces. If you use cloud-based services to access dictation applications or store transcribed documents then you should certainly include this in your IT risk management thinking.

For example, you should establish where your data is hosted and if your cloud service provider has a strong focus on data security and privacy. You should also clarify the provider’s business continuity plans and how they will minimise the effect on your organisation in the event of any service outage.

Take a look at our transcription services

Article also available in German