Supplier Zone
How will GDPR affect your contact centre?

GDPR data protectionMedia coverage of the new General Data Protection Regulation (GDPR) requirements has been hard to miss. While the story has generally been around potential financial loss from not complying with these regulations, there’s much more to it than that.

 

The following tips will help you understand and prepare for GDPR, and communicate your data use and storage policies both internally and externally.

 

1. The overall goal of GDPR is to protect your customers

At the moment, contact centres focus on keeping customers’ sensitive card data safe, making sure none of their card information is stored, transmitted or processed in an insecure manner. The new GDPR requirements require companies to expand that thinking to all personal data, often referred to as Personally Identifiable Information (PII). This includes names, email addresses, account balances and passwords – almost anything that is specific to an individual.

 

2. Find out where PIIs enter your organisation

Finding out where the personal data comes from, makes it much easier to move it to a more secure place. The best way to do this is to produce a data map. Speak to your teams directly and find out who are the key users of reporting tools, databases and management information. Take a deep dive into one of their typical customer interactions and you may be surprised to discover how much personal and sensitive data is being used throughout your organisation.

 

3. De-scope, shift and segment the data you capture

Does each piece of data you collect add genuine value to your company? If not, don’t collect it. Do all teams need access to the data you need to collect? De-scope or shift the data where possible. Could you put ‘data filters’ in place to restrict the movement of sensitive data? Could you use different storage that isn’t cloud-based? Could you replace data with pseudonyms? These are areas to explore.

 

4. Rehearse what to do in the event of a breach

If you don’t have an existing data breach plan, there has never been a better time to create one. This kind of plan should include crisis communications, customer/stakeholder notification, regulatory disclosure, forensic investigation and containing further potential breaches. It’s also important to rehearse and practise a breach at least once a year, to not only ensure that your senior team knows what to do, but so that you can see what goes well and what you need to improve on.

Looking for a GDPR-compliant contact centre outsourcer? Connect here.


Related content
Multilingual, multi-channel hubs and the brave new world of customer service
Why UK companies are flocking to South Africa for contact centre services




©2018 AboutMatch    |    site map Powered by Go-Net