AskRadar.ai Security Statement September 2023
​
In order to comply with various regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), and/or the California Consumer Privacy Act (CCPA), companies need to disclose to employees how they collect, process and share their personal data. The best way to do this is through transparent formal consent policies that are easily accessible and understandable as well as compliant with all relevant laws. Ensuring the proper handling of private details is part and parcel of this mandate. Not to mention, it’s just common courtesy and proper treatment of the people you work with.
AskRadar.ai has two products that use and collect metadata: The main AskRadar platform and Maxwell, a tool for measuring engagement in team conversations on social platforms.
​
Data Security and Privacy
​
In general, companies can only collect and process personal data of employees in a manner that is necessary and relevant to their job. Typical employee data includes resumes, references, payroll information, medical files, employment contracts, compensation and benefits, as well as performance reviews. Sometimes, however, PII can leak out in casual conversations that take place on open chat channels.
At AskRadar.ai, we take data privacy and PII protection seriously, implementing the highest cybersecurity standards and infrastructure not only to protect against outside intrusion but also to mitigate the risk from bad actors with internal access to systems and sources of information. Our services are only concerned with the data and conversations that are relevant to the processes, technology, and skill sets required to run your business. All other data is filtered out of the raw feed before any onboarding to our system or analysis. Let’s take a few minutes to look at how that is accomplished.
In increasing order of complexity, the Filtering and De-identification processes are as follows:
​
- Filtering: Remove all irrelevant data and sensitive conversations with no replacement of content. This can also be referred to as Redaction.
- Masking: Replace the sensitive content with fixed characters. Where data is necessary for answering questions, the sensitive, unique identifiers for individuals are replaced.
- Encryption: Replace sensitive content with encrypted strings. The only one who can reverse the encryption is the person or entity who holds the encryption key.
​
The overall goal is to reduce weight on system processing by removing noise from the process as early as possible. AskRadar does not want to handle any information it doesn’t need to see. For training any models, only the information related to areas of interest, such as skill sets or topics being discussed, is relevant. What you’re eating for lunch, your weekend plans, and medical details are of zero interest and are removed before any data is processed. As the AskRadar models identify new sources or refine the definitions of ‘noise,’ we update these preprocessing filters to be more efficient at catching and removing chaff. Here is an illustrative design of the preprocessing pipeline:
In order to create an automated data transformation pipeline to cleanse sensitive data like personally identifiable information (PII), de-identification techniques like tokenization (pseudonymization, or creating a fake name via a variable placeholder) let you preserve the utility of your data for merging or analytics while reducing the risk of handling the data by virtue of obfuscating the raw sensitive identifiers. To minimize the risk of handling large volumes of sensitive data, pipelines like the one above, created by AskRadar, use an automated data transformation algorithm to create de-identified replicas of your original source. We never keep or store your original source data in our systems. We only maintain metadata and the output of the analysis in the form of models. For more information about models, refer to Machine Learning Step by Step.
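The filtering, masking and tokenization steps described above can be sketched as follows. This is an added example, not AskRadar's own code: the regular expressions, the off-topic keyword list, the `user_` token format and the HMAC-based tokenizer are all assumptions made for illustration. Reversible encryption is left out because it needs a third-party cipher library.

```python
import hashlib
import hmac
import re

# Assumed patterns and keyword list; a real deployment would tune these.
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
OFF_TOPIC = re.compile(r"\b(lunch|weekend|doctor|diagnosis)\b", re.I)


def tokenize(value: str, key: bytes) -> str:
    """Keyed pseudonym: same input and key give the same token, so records still join."""
    digest = hmac.new(key, value.lower().encode(), hashlib.sha256).hexdigest()
    return f"user_{digest[:12]}"


def deidentify(messages, key: bytes):
    """Apply filtering, then masking, then tokenization to (author, text) pairs."""
    out = []
    for author, text in messages:
        if OFF_TOPIC.search(text):           # Filtering: drop, no replacement
            continue
        text = SSN.sub("***-**-****", text)  # Masking: fixed characters
        # Tokenization: identifiers become stable pseudonyms
        text = EMAIL.sub(lambda m: tokenize(m.group(), key), text)
        out.append((tokenize(author, key), text))
    return out


# Constructed sample input, not real data.
SAMPLE = [
    ("alice@example.com", "Who owns the Kafka upgrade? Ping bob@example.com."),
    ("bob@example.com", "Anyone want to grab lunch at noon?"),
    ("alice@example.com", "HR form asks for SSN 123-45-6789, is that right?"),
]

if __name__ == "__main__":
    for row in deidentify(SAMPLE, key=b"constructed-demo-key"):
        print(row)
```

Because the token is derived with a secret key, anyone without the key cannot rebuild the mapping by hashing guessed addresses, while the same person still maps to the same token across messages.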
​
Cloud Infrastructure at AWS
One of the key tasks of any enterprise is to help ensure the security of their users’ and employees’ data. AskRadar’s cloud infrastructure, described in more detail in the next section, provides built-in security measures to facilitate data security, including encryption of stored data and encryption of data in transit.
​
Encryption at rest: Cloud Storage
Maintaining data security is critical for most organizations. Unauthorized access to even moderately sensitive data can damage the trust, relationships, and reputation that you have with your customers. AskRadar encrypts any data stored at rest by default: any object uploaded to the AWS system is encrypted using an Amazon-managed encryption key. If your dataset uses a pre-existing encryption method and requires a non-default option before uploading, we can work with you to implement that protocol within our infrastructure.
​
Encryption in transit: Dataflow
When your data is in transit, the at-rest encryption isn’t in place. In-transit data is protected by secure network protocols referred to as encryption in transit. By default, Radar uses Amazon-managed encryption keys.