deepgram-data-handling
Implement audio data handling best practices for Deepgram integrations. Use when managing audio file storage, implementing data retention, or ensuring GDPR/HIPAA compliance for transcription data. Trigger: "deepgram data", "audio storage", "transcription data", "deepgram GDPR", "deepgram HIPAA", "deepgram privacy", "PII redaction".
Best use case
deepgram-data-handling is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Implement audio data handling best practices for Deepgram integrations. Use when managing audio file storage, implementing data retention, or ensuring GDPR/HIPAA compliance for transcription data. Trigger: "deepgram data", "audio storage", "transcription data", "deepgram GDPR", "deepgram HIPAA", "deepgram privacy", "PII redaction".
Teams using deepgram-data-handling should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/deepgram-data-handling/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How deepgram-data-handling Compares
| Feature / Agent | deepgram-data-handling | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Implement audio data handling best practices for Deepgram integrations. Use when managing audio file storage, implementing data retention, or ensuring GDPR/HIPAA compliance for transcription data. Trigger: "deepgram data", "audio storage", "transcription data", "deepgram GDPR", "deepgram HIPAA", "deepgram privacy", "PII redaction".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
# Deepgram Data Handling
## Overview
Best practices for handling audio and transcript data with Deepgram. Covers Deepgram's built-in `redact` parameter for PII, secure audio upload with encryption, transcript storage patterns, data retention policies, and GDPR/HIPAA compliance workflows.
## Data Privacy Quick Reference
| Deepgram Feature | What It Does | Enable |
|-------------------|-------------|--------|
| `redact: ['pci']` | Masks credit card numbers in transcript | Query param |
| `redact: ['ssn']` | Masks Social Security numbers | Query param |
| `redact: ['numbers']` | Masks all numeric sequences | Query param |
| Data retention | Deepgram does NOT store audio or transcripts | Default behavior |
**Deepgram's data policy:** Audio is processed in real-time and not stored. Transcripts are not retained unless you use Deepgram's optional storage features.
## Instructions
### Step 1: Deepgram Built-in PII Redaction
```typescript
import { createClient } from '@deepgram/sdk';
const deepgram = createClient(process.env.DEEPGRAM_API_KEY!);
// Deepgram redacts PII directly during transcription
const { result } = await deepgram.listen.prerecorded.transcribeUrl(
{ url: audioUrl },
{
model: 'nova-3',
smart_format: true,
redact: ['pci', 'ssn'], // Credit cards + SSNs -> [REDACTED]
}
);
// Output: "My card is [REDACTED] and SSN is [REDACTED]"
console.log(result.results.channels[0].alternatives[0].transcript);
// For maximum privacy, redact all numbers:
// redact: ['pci', 'ssn', 'numbers']
```
### Step 2: Application-Level PII Redaction
```typescript
// Additional redaction patterns beyond Deepgram's built-in
const piiPatterns: Array<{ name: string; pattern: RegExp; replacement: string }> = [
{ name: 'email', pattern: /\b[\w.-]+@[\w.-]+\.\w{2,}\b/g, replacement: '[EMAIL]' },
{ name: 'phone', pattern: /\b(\+?\d{1,3}[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b/g, replacement: '[PHONE]' },
{ name: 'dob', pattern: /\b(0[1-9]|1[0-2])[\/.-](0[1-9]|[12]\d|3[01])[\/.-](19|20)\d{2}\b/g, replacement: '[DOB]' },
{ name: 'address', pattern: /\b\d{1,5}\s[\w\s]+(?:Street|St|Avenue|Ave|Road|Rd|Drive|Dr|Lane|Ln|Boulevard|Blvd)\b/gi, replacement: '[ADDRESS]' },
];
function redactPII(text: string): { redacted: string; found: string[] } {
let redacted = text;
const found: string[] = [];
for (const { name, pattern, replacement } of piiPatterns) {
const matches = text.match(pattern);
if (matches) {
found.push(`${name}: ${matches.length} occurrence(s)`);
redacted = redacted.replace(pattern, replacement);
}
}
return { redacted, found };
}
// Usage after Deepgram transcription:
const transcript = result.results.channels[0].alternatives[0].transcript;
const { redacted, found } = redactPII(transcript);
if (found.length > 0) console.log('PII found and redacted:', found);
```
### Step 3: Secure Audio Upload and Storage
```typescript
import { S3Client, PutObjectCommand, GetObjectCommand } from '@aws-sdk/client-s3';
import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
import { createHash, randomUUID } from 'crypto';
import { readFileSync } from 'fs';
const s3 = new S3Client({ region: process.env.AWS_REGION ?? 'us-east-1' });
const BUCKET = process.env.AUDIO_BUCKET!;
async function uploadAudio(filePath: string, metadata: Record<string, string> = {}) {
const audio = readFileSync(filePath);
const checksum = createHash('sha256').update(audio).digest('hex');
const key = `audio/${randomUUID()}-${checksum.substring(0, 8)}.wav`;
await s3.send(new PutObjectCommand({
Bucket: BUCKET,
Key: key,
Body: audio,
ContentType: 'audio/wav',
ServerSideEncryption: 'aws:kms', // Encrypt at rest
Metadata: {
...metadata,
checksum,
uploadedAt: new Date().toISOString(),
},
}));
// Generate presigned URL for Deepgram to fetch (expires in 1 hour)
const presignedUrl = await getSignedUrl(s3,
new GetObjectCommand({ Bucket: BUCKET, Key: key }),
{ expiresIn: 3600 }
);
return { key, checksum, presignedUrl };
}
// Upload -> Get presigned URL -> Send to Deepgram
const { presignedUrl } = await uploadAudio('./recording.wav', { source: 'call-center' });
const { result } = await deepgram.listen.prerecorded.transcribeUrl(
{ url: presignedUrl },
{ model: 'nova-3', smart_format: true, redact: ['pci', 'ssn'] }
);
```
### Step 4: Transcript Storage Pattern
```typescript
interface StoredTranscript {
id: string;
audioKey: string; // S3 reference
requestId: string; // Deepgram request_id
transcript: string; // Redacted text
confidence: number;
duration: number; // Audio duration in seconds
model: string;
speakers: number;
utterances?: Array<{
speaker: number;
text: string;
start: number;
end: number;
}>;
metadata: {
redacted: boolean;
piiTypesFound: string[];
createdAt: string;
retentionPolicy: 'standard' | 'legal_hold' | 'hipaa';
expiresAt: string;
};
}
function buildTranscriptRecord(
audioKey: string,
result: any,
retentionDays = 90
): StoredTranscript {
const alt = result.results.channels[0].alternatives[0];
const { redacted, found } = redactPII(alt.transcript);
return {
id: randomUUID(),
audioKey,
requestId: result.metadata.request_id,
transcript: redacted,
confidence: alt.confidence,
duration: result.metadata.duration,
model: Object.keys(result.metadata.model_info ?? {})[0] ?? 'unknown',
speakers: new Set(alt.words?.map((w: any) => w.speaker).filter(Boolean)).size,
utterances: result.results.utterances?.map((u: any) => ({
speaker: u.speaker,
text: u.transcript,
start: u.start,
end: u.end,
})),
metadata: {
redacted: found.length > 0,
piiTypesFound: found,
createdAt: new Date().toISOString(),
retentionPolicy: 'standard',
expiresAt: new Date(Date.now() + retentionDays * 86400000).toISOString(),
},
};
}
```
### Step 5: Data Retention Policies
```typescript
const retentionPolicies = {
standard: { days: 90, description: 'Default retention' },
legal_hold: { days: 2555, description: '7 years for legal' },
hipaa: { days: 2190, description: '6 years per HIPAA' },
temp: { days: 7, description: 'Temporary processing' },
};
async function enforceRetention(db: any, s3Client: S3Client, bucket: string) {
const now = new Date();
// Find expired transcripts
const expired = await db.query(
'SELECT id, audio_key FROM transcripts WHERE expires_at < $1 AND retention_policy != $2',
[now.toISOString(), 'legal_hold']
);
console.log(`Found ${expired.rows.length} expired transcripts`);
for (const row of expired.rows) {
// Delete audio from S3
try {
await s3Client.send(new DeleteObjectCommand({
Bucket: bucket, Key: row.audio_key,
}));
} catch (err: any) {
console.error(`S3 delete failed for ${row.audio_key}:`, err.message);
}
// Delete transcript from database
await db.query('DELETE FROM transcripts WHERE id = $1', [row.id]);
console.log(`Deleted: ${row.id}`);
}
return expired.rows.length;
}
```
### Step 6: GDPR Right to Erasure
```typescript
async function processErasureRequest(userId: string, db: any, s3Client: S3Client, bucket: string) {
console.log(`Processing GDPR erasure request for user: ${userId}`);
// 1. Find all user transcripts
const transcripts = await db.query(
'SELECT id, audio_key FROM transcripts WHERE user_id = $1', [userId]
);
// 2. Delete audio files from S3
for (const row of transcripts.rows) {
if (row.audio_key) {
await s3Client.send(new DeleteObjectCommand({ Bucket: bucket, Key: row.audio_key }));
}
}
// 3. Delete transcripts from database
const deleted = await db.query('DELETE FROM transcripts WHERE user_id = $1', [userId]);
// 4. Delete user metadata
await db.query('DELETE FROM user_metadata WHERE user_id = $1', [userId]);
// 5. Audit log (keep for compliance — does not contain PII)
console.log(JSON.stringify({
action: 'gdpr_erasure',
userId: userId.substring(0, 8) + '...', // Partial for audit
transcriptsDeleted: deleted.rowCount,
audioFilesDeleted: transcripts.rows.length,
timestamp: new Date().toISOString(),
}));
return { transcriptsDeleted: deleted.rowCount, audioFilesDeleted: transcripts.rows.length };
}
```
## Output
- Deepgram built-in PII redaction (pci, ssn, numbers)
- Application-level PII redaction (email, phone, DOB, address)
- Secure audio upload to S3 with KMS encryption
- Transcript storage pattern with retention metadata
- Automated retention enforcement
- GDPR erasure workflow
## Error Handling
| Issue | Cause | Solution |
|-------|-------|----------|
| PII still visible | Deepgram `redact` not set | Add `redact: ['pci', 'ssn']` to options |
| S3 upload fails | Missing KMS permissions | Add `kms:GenerateDataKey` to IAM role |
| Retention not enforced | Cron not running | Schedule retention job, add monitoring |
| Erasure incomplete | Transaction failed | Use database transactions for atomic delete |
## Resources
- [Deepgram Redaction](https://developers.deepgram.com/docs/redaction)
- [Deepgram Security](https://deepgram.com/security)
- [HIPAA Compliance](https://deepgram.com/hipaa)
- [GDPR Guide](https://developers.deepgram.com/docs/gdpr)Related Skills
generating-test-data
Generate realistic test data including edge cases and boundary conditions. Use when creating realistic fixtures or edge case test data. Trigger with phrases like "generate test data", "create fixtures", or "setup test database".
managing-database-tests
Test database testing including fixtures, transactions, and rollback management. Use when performing specialized testing. Trigger with phrases like "test the database", "run database tests", or "validate data integrity".
encrypting-and-decrypting-data
Validate encryption implementations and cryptographic practices. Use when reviewing data security measures. Trigger with 'check encryption', 'validate crypto', or 'review security keys'.
scanning-for-data-privacy-issues
Scan for data privacy issues and sensitive information exposure. Use when reviewing data handling practices. Trigger with 'scan privacy issues', 'check sensitive data', or 'validate data protection'.
windsurf-data-handling
Control what code and data Windsurf AI can access and process in your workspace. Use when handling sensitive data, implementing data exclusion patterns, or ensuring compliance with privacy regulations in Windsurf environments. Trigger with phrases like "windsurf data privacy", "windsurf PII", "windsurf GDPR", "windsurf compliance", "codeium data", "windsurf telemetry".
webflow-data-handling
Implement Webflow data handling — CMS content delivery patterns, PII redaction in form submissions, GDPR/CCPA compliance for ecommerce data, and data retention policies. Trigger with phrases like "webflow data", "webflow PII", "webflow GDPR", "webflow data retention", "webflow privacy", "webflow CCPA", "webflow forms data".
vercel-data-handling
Implement data handling, PII protection, and GDPR/CCPA compliance for Vercel deployments. Use when handling sensitive data in serverless functions, implementing data redaction, or ensuring privacy compliance on Vercel. Trigger with phrases like "vercel data", "vercel PII", "vercel GDPR", "vercel data retention", "vercel privacy", "vercel compliance".
veeva-data-handling
Veeva Vault data handling for enterprise operations. Use when implementing advanced Veeva Vault patterns. Trigger: "veeva data handling".
vastai-data-handling
Manage training data and model artifacts securely on Vast.ai GPU instances. Use when transferring data to instances, managing checkpoints, or implementing secure data lifecycle on rented hardware. Trigger with phrases like "vastai data", "vastai upload data", "vastai checkpoints", "vastai data security", "vastai artifacts".
twinmind-data-handling
Handle TwinMind meeting data with GDPR compliance: transcript storage, memory vault management, data export, and deletion policies. Use when implementing data handling, or managing TwinMind meeting AI operations. Trigger with phrases like "twinmind data handling", "twinmind data handling".
supabase-data-handling
Implement GDPR/CCPA compliance with Supabase: RLS for data isolation, user deletion via auth.admin.deleteUser(), data export via SQL, PII column management, backup/restore workflows, and retention policies. Use when handling sensitive data, implementing right-to-deletion, configuring data retention, or auditing PII in Supabase database columns. Trigger: "supabase GDPR", "supabase data handling", "supabase PII", "supabase compliance", "supabase data retention", "supabase delete user", "supabase data export".
speak-data-handling
Handle student audio data, assessment records, and learning progress with GDPR/COPPA compliance. Use when implementing data handling, or managing Speak language learning platform operations. Trigger with phrases like "speak data handling", "speak data handling".