Chapter Podcast: Document redactions can be dangerous

Many legal professionals assume making redactions on Microsoft Word completely blocks efforts to see the language and data that is “masked.” Be careful, as that is not always the case. This is particularly important when considering the requirements of Fla. R. Jud. Admin. R. 2.425, “Minimization of the Filing of Sensitive Information.”

There are security vulnerabilities and strategies to consider when redacting. For example, this query was sent to Perplexity Pro AI on May 31, 2025:

“I need the best way to safely and ethically redact documents and medical records, so the blacked-out language and data is not discoverable. I am concerned that redactions tools in Microsoft Word 360, Adobe Pro and Redactable are not sufficient to give me the confidence that redactions are safe, and the language and data intended to be redacted cannot actually be uncovered or unmasked. What do you suggest?”

The answer: “Your concerns about the adequacy of current redaction tools are well-founded and supported by extensive research documenting significant security vulnerabilities in popular redaction software. The evidence reveals that traditional redaction methods, including those found in Microsoft Word 365 and Adobe Pro, contain serious flaws that can expose supposedly protected information, while newer AI-powered solutions show promise but require careful implementation to ensure true data security.

Microsoft Word presents the most significant risk among commonly used redaction tools. The software lacks any genuine redaction functionality, forcing users to rely on inadequate workarounds that provide only the illusion of security. When users attempt to redact using Word's highlighter feature with black color, the underlying text remains completely intact and accessible through simple copy-and-paste operations. Similarly, using insert shapes or text boxes to cover sensitive information creates no actual data removal—the original text can be recovered by simply changing the color of the covering object or moving it aside. These methods merely create visual masks while leaving all sensitive data fully recoverable, making them entirely unsuitable for protecting confidential information.

Converting Word documents to PDF format after using these inadequate redaction methods does not resolve the security issues. The underlying data remains embedded in the PDF structure, searchable and extractable by anyone with basic technical knowledge. This represents a particularly dangerous false sense of security, as documents may appear properly redacted while containing fully accessible sensitive information.”

The Perplexity article continues by pointing out vulnerabilities in Adobe Acrobat Pro’s redaction tool in failing to eliminate text remnants allowing for “recoverable sensitive information.” The Adobe redaction process requires document sanitization to prevent revealing what was to be non-readable.

When considering HIPPA protected information with Protected Health Information, redacting documents can become a professional liability if not correctly accomplished.

ABOTA Fort Lauderdale has created the following “Deep Dive” podcast on Google Notebook LM for further information. It contains critical detailed information on this important topic. Listen via this link.

If you have questions about this article, please feel free to contact the Editor.