Personal information is routinely collected during transactions in modern society. Recordings of conversations are made in a variety of situations such as customer-agent interactions during contacts within the context of call centers, emergency service interactions (911 calls, etc.), and a myriad of other transactions that require information to flow from one entity to another.
During these transactions, personal information such as social security numbers, credit card numbers, bank account numbers, personal identification numbers (PIN), names, addresses, club numbers, frequent flier numbers, etc. is sensitive and can harm the person to whom the information pertains if the information is misused. This can present a problem.
Such sensitive information can be stored in a variety of locations or transferred to other parties for various reasons, all of which can place the information at risk of compromise by others. Hackers have become proficient at compromising databases, which house such sensitive information. Accounts can be pilfered, the identity of an individual can be stolen, and the individual can be placed in physical harm by unscrupulous actors. This can present a problem.
Information collected during the business transactions mentioned above can be transferred to entities for analysis. It has become a widespread business practice to record calls between customers and agents of a business during business transactions. Such recorded information is often times transferred to a party for analysis. An example is the quality review of a recording that contains personal information. While it is the intent of the data owner to transfer the data to a party for analysis, it is often the case that the party should not have access to the personal information contained within a transaction. This can present a problem.
Current attempts at securing sensitive information within recorded conversations or recorded speech have been directed to manually monitoring the speech and then subsequently deleting the sensitive information. Such a practice can be expensive in light of the volume of such data that is currently being created. Such manual censoring of recorded conversations and speech is not economically practical to meet all of the current need in the marketplace. This can present a problem.
Data which is considered sensitive, personal, confidential, or that should otherwise be secured from recognition can vary from one business to another. For example, in a medical context where a disease should be kept separate from a patient's name and address, the patient's name and address are considered to be the sensitive information that should not be readily available to others apart from the data owner. Conversely, a medical context can require that the disease be considered to be sensitive information. In some settings, such as in financial service settings, the customer's name and address are not necessarily the sensitive information, rather it is typically the customer's account number, personal identification number (PIN), etc. that is considered sensitive and should be secured. Variability of what is sensitive information, within a setting and from one setting to another, complicates handling sensitive information since a uniform definition of sensitive information does not exist. This can present a problem.