What to Look for When Choosing Redaction Software

Where your documents go during processing

This is the single most important question to ask any redaction vendor, and the one most easily obscured by marketing language.

Three models exist. Local/client-side processing means the document stays on your device or in your browser. The software processes it using your hardware. Nothing is uploaded. Cloud processing means the document is uploaded to the vendor's servers, processed there, and returned. Hybrid means some processing happens locally and some happens remotely.

Why does this matter? If your organisation handles confidential client data, legally privileged material, medical records, or financial information, sending those documents to a third party's servers creates a data processing relationship. Under GDPR, that third party becomes a data processor, and you need a Data Processing Agreement (DPA) in place. Under client confidentiality rules, you may need explicit consent from the data owner.

Local processing avoids this entirely. The document doesn't leave your control, so there's no third-party processing relationship to manage.

RedactProof's standard engine processes everything locally in your browser. The Pro Engine sends extracted text - not the document file itself - to Cloudflare Workers AI for enhanced PII detection. That text is processed in memory and isn't stored or used for training. It's a deliberate middle ground: improved detection accuracy without uploading original documents.

Ask vendors directly: "Does our document file leave our device at any point during processing?" Anything other than a clear "no" means it does.

Detection method and accuracy

Manual-only tools (Adobe Acrobat, Foxit) rely entirely on you to find the sensitive data. You draw boxes, the tool removes the underlying content. Effective if you have the time and attention to review every page carefully. Risky if you don't.

AI-powered detection tools scan the document automatically and flag personal information by type - names, addresses, dates, identification numbers, financial data. Confidence scores help you prioritise review. The tool does the first pass; you review and confirm.

The gap between "has AI detection" and "has good AI detection" is significant. Questions to ask:

• How many PII types does it detect? (Fewer than 20 is limited. 40+ covers most real-world categories.)
• Can it detect PII in context, or only exact pattern matches? (Pattern matching catches "07700 900123" as a phone number but misses "call me on oh seven seven oh oh...". Context-aware AI handles both.)
• How does it handle names in multiple formats? (Full name, surname only, initials, nicknames.)
• What's the false positive rate? (A tool that flags half the document wastes your time. A tool that misses genuine PII defeats the purpose.)

No detection tool catches everything. The right question isn't "does it miss anything?" (it will) but "does it reliably catch the standard PII categories and make my manual review faster?"

Redaction method

Every tool you evaluate should use pixel-burn redaction. Not overlay. If a vendor can't clearly confirm that their tool permanently removes underlying text data, disqualify it.

This seems obvious, but several products marketed as "redaction tools" actually produce overlay annotations. They look identical on screen but leave text recoverable. Test any tool by redacting a document with known content, then attempting to extract text from behind the redaction marks in a separate viewer.

Verification and audit trails

Verification certificates provide evidence that a document hasn't been modified after redaction. Useful for litigation, regulatory submissions, and any situation where document integrity might be questioned.

Audit trails record who redacted what, when, and which PII types were identified and removed. Useful for internal compliance records and for responding to regulatory enquiries about your data handling processes.

Not every organisation needs both immediately. A two-person conveyancing firm probably doesn't need detailed audit trails on day one. A local authority processing hundreds of FOI requests annually probably does.

Consider whether you need these features now, or whether you'll grow into them. Some tools include them in all plans. Others restrict them to enterprise tiers.

Pricing models

Redaction software pricing falls into three patterns.

Per-user licensing charges a monthly or annual fee per seat. Predictable costs but expensive for large teams. Adobe Acrobat, Foxit, and many desktop tools use this model.

Per-document or usage-based pricing charges based on volume. Cost scales with use. Good for variable workloads but harder to budget. Some cloud-based tools use this.

Tiered plans combine per-user pricing with feature gates at each level. RedactProof uses this model: Free (unlimited pattern recognition, pixel-burn redaction, footnote attribution), Core (£19/month, on-device AI detection, certificates, OCR), Pro (£79/month, unlimited documents, audit trail, Precision engine), Team (£249/month, 5 seats, admin dashboard).

Factor in the cost of time, not just the licence fee. A tool that costs £79/month but saves 20 hours of manual redaction work per month is cheaper than a tool that costs £13/month but requires everything to be done by hand.

Deployment and IT requirements

Desktop applications need installing on every machine. This means IT involvement, licence management, and device-specific access. Fine for settled teams with consistent hardware. Difficult for organisations with BYOD policies, remote workers, or locked-down IT environments.

Browser-based tools need nothing installed. Open a browser, load the tool, start working. RedactProof runs in any modern browser on any device. This eliminates the IT procurement cycle and allows same-day adoption.

Cloud-based platforms sit somewhere between - no desktop install, but your documents travel to external infrastructure. Evaluate this against your data handling policies.