Data breaches are always big news, but what about audio breaches? Google faced a backlash recently when it was revealed that the new Google Home Mini was listening to and recording conversations even when users hadn’t activated it.
Though the bug was fixed before any paying customers were affected, “always listening” audio devices is high enough that the Electronic Privacy Information Center (EPIC) filed a lawsuit with the Federal Trade Commission and the Department of Justice alleging that always-on devices violate consumer protection law.
Audio security should be of particular concern to organizations that handle private, personal information such as those in the medical, government and military sectors.
Just as many companies have invested in cybersecurity measures, industries that handle sensitive information should consider updating audio solutions to protect clients’ privacy and ensure compliance with local, state and federal regulations.
The key to audio security is keeping sound where it belongs, and making sure the wrong people don’t hear something they shouldn’t. The following audio solutions will protect verbal communications and the private information they might contain.
HIPAA compliance requires safeguarding all medical records and communication, including verbal communication, but have you ever been in a doctor’s waiting room or medical exam room and heard a conversation the doctor was having with a patient in the next room over?
A sound-masking system is an easy fix to the problem of personal conversations being overheard in places where they shouldn’t.
A sound-masking system emits a low-level white noise, usually through special digital generators and hidden speakers to improve speech privacy. A sound-masking system is a particularly good solution if you can’t overhaul a space with structural soundproofing solutions.
If you're building a new space or renovating an existing one, installing soundproofing solutions at the get-go can stop audio privacy from ever being an issue at all. Instead of covering sounds you want to protect, soundproofing stops it from traveling out of the protected space.
The government and military, for example, require highly classified discussions take place in a Sensitive Compartmented Information Facility or SCIF. Some rooms and buildings are designed as SCIFs, while in other instances a regular room such as an office or hotel room needs to be transformed into a SCIF.
In that case, acoustic insulation has to cover every surface of the room, including the floor and ceiling. Options include acoustical seals around windows, doors, and vents; acoustical curtains that prevent sound from bouncing off hard surfaces such as walls and windows; and fabric acoustical ceiling tiles that include sound barriers and attach directly to existing drop ceiling tiles.
Acoustic baffles—also known as sound baffles—that suspend from the ceiling to block and reabsorb sound, as well as acoustic foam that can be installed like insulation between walls and in the ceiling, are great options for new construction.
Sometimes audio has to be captured and shared and the transfer becomes the weak link in the speech privacy chain. Technology that was originally applied by encrypted messaging applications has in recent years migrated to encrypted calling as well through providers including WhatsApp and Telegram. Companies can also use the open source code to build their own encrypted calling systems.
Personal device use, especially mobile phone use, is on the rise in every industry, but mobile devices don’t always meet the privacy requirements of those industries.
For example, in a survey conducted by NueMD, only 18 percent of managers, administrators and owners were “very confident” that their companies’ mobile devices were HIPAA compliant.
The U.S. military recently faced a privacy breach when service members using the fitness tracker app Strava on their smartphones were included in a heat map of users around the world, inadvertently revealing the location of sensitive U.S. military bases and information about personnel serving there. Regulating what kind of mobile devices are used, and how, when and where they are used can help prevent accidental and preventable audio breaches such as the one experienced by Google Home Mini reviewers.
Companies that suffered cybersecurity data breaches have paid out multimillion-dollar settlements and companies that find themselves out of compliance with privacy regulations could face similar financial consequences.
Depending on their severity, HIPAA violations can result in fines from several hundred thousand dollars to several million dollars. High-quality audio privacy solutions provided by a professional integrator and installer such as AVI Systems can protect your clients’ privacy and your bottom line.