06 Dec/18

Risk Management and Information Security in Translation Processes

Risk Management and Information Security in Translation Processes
Risk Management and Information Security in Translation Processes – EVS Translations

A reliable and fail-safe IT infrastructure is more important for companies nowadays than ever before. For one thing, their employees and translation providers must be able to access information and resources more and more flexibly. For another thing, the confidentiality of transmitted content and the protection of sensitive data are especially vital in translation management. The basis for secure translation management is, in addition to a well thought out network structure, a system with which the employer can have a transparent overview of the entire translation process. Mr Christian Weih*, manager at Across Systems GmbH, sheds light upon security risks and offers solutions for designing your translation processes securely and understandably, protecting your information from unwanted dissemination.

Underestimated and neglected: translations as a risk factor

“Translations are purchased as if buying screws,” says Weih – “unfortunately”. And yet there is much more behind translation, including above all an all too often underestimated risk potential! It is important to differentiate here between documents that must be kept confidential and protected, on the one hand, and data which is not dangerous on the other hand. Product information for items such as screws or product descriptions for an online shop are less critical than findings from medication scandals or personnel files. This is why employers should ask themselves whether their data is private. How affected is my data by the GDPR? What is the greatest damage due to improper data retention that I might imagine my company could carry? How is the translation company or the freelance translator protected in terms of insurance? “Such a risk analysis is not often carried out,” says Weih.

Double standard: internal vs. external measures for data security

There are two ways in which data can be put in danger – firstly during the technical translation process, in other words data transfer, and secondly at process level, in other words when handling data. Information security rules are often very restrictive within a company itself. In-house employees are strictly controlled – for instance, pages of online translation machines are blocked. What happens to the data when it leaves the company is rarely enquired into. Orders are often carelessly sent via e-mail, possibly still as an easily accessible XLIFF file. There is a risk that data will be “intercepted”. Weih advises that you should “unearth your curiosity about the translation sector and ask your language service provider.” Where does my data end up? Who has access to it? Does the translation company work with subcontractors and freelance translators outside Europe? If so, do they work in accordance with GDPR guidelines? Though human translation is spoken of, are machine translation solutions allowed to be used as part of the service? Does the translation company have a documented security concept? Have you established agreements together with your translation service provider regarding your requirements and other topics that are relevant for your sector (for example TISAX in the automotive sector).

Knowledge is power: how you can protect your translation documents

For one thing, data transfer must be safeguarded, and for another, user rights for these files must be carefully selected. This can occur either autonomously in cooperation with the IT department and project management of a translation company, or via a translation platform. There you have the opportunity to adapt the translation process to your needs. Allocate detailed rights profiles and decide whether the names of the people involved in your translation order should be anonymised as standard or saved in documents with a ten year retention period. Should all translators work on the platform and are they allowed to download glossaries?

“At the end of the day, we should not allow ourselves to be carried away and must weigh up the speed, quality and price of a translation,” says Weih. The effort should be proportional to the use, both for language service providers and for those giving the orders.

Review your translation process – is your data secure?

Translation management systems help determine access rights to highly sensitive data in detail, and can adjust them in a mere second if requirements change. You hold sway over what happens to your data. Would you like a concrete insight into the working of a translation management system? You can find out more in a free online demo by Across Systems.

Christian Weih, member of the Management Board at Across Systems GmbH
Christian Weih, member of the Management Board at Across Systems GmbH

Picture: Across

*Christian Weih took a degree in English Studies at the University of Mannheim. As a member of the Executive Board at Across Systems, he makes an essential contribution to company and product development. He also advises customers on language technologies, translation workflows and integrated solutions, for example for machine translations.

That was the final part of our four-part guest lecture series with Across Systems. All parts can also be found on our blog.

Part 1: The future of human translation – and why EVS Translations keeps to its in-house policy

Part 2: Terminology databases – modern stores of knowledge with potential

Part 3: First the process and then the system – translation management made easy