What is GDPR Compliance and Why Contact Centers Should be GDPR Compliant

Harry Fozzard Published on September 10, 2021

Summary

Open Access BPO recently completed a comprehensive GDPR audit to certify that we comply with the General Data Protection Regulation laws. Read this to learn why we comply with GDPR and how it fits into our framework for service delivery excellence. This GDPR Certification compliments our PCI DSS Level 1 certification.

Contact Center Compliance – Untangling Acronyms

Call centers must respect myriad rules and regulations designed to protect consumer privacy and prevent unwanted intrusion into their lives. Companies dialing the US market consider some or all of the following regulations:.

  • Telemarketing Consumer Protection Act (TCPA)
  • National Do Not Call Registry (the DNC List)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Fair Debt Collection Practices Act (FDCPA)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Consent for Call Recording (law vary by state)
  • California Consumer Privacy Act (CCPA)
  • General Data Protection Regulation (GDPR)

Each has its unique mandates and applications. A call center that doesn’t do outbound telemarketing needn’t consider TCPA. Centers engaged in B2B sales might not need to respect the DNC list. Companies that are not engaged in collections or gathering medical information are not obliged to comply with HIPAA or the Fair Debt Practices Act, respectively.

Compliance extends to a range of formal measures enacted at the organizational level for departments like Operations, Information Technology, Human Resources, and Training. These measures obtain when everyone, from the executive suite to the frontline agent, understands and promotes these standards with a complete understanding of their import and application.

We could say that compliance is part of the service companies outsource to service providers like Open Access BPO. Our clients patronize us because we handle data security and data privacy duties. Further, compliant organizations demonstrate the kind of commitment to privacy and industry self-policing that mark quality organizations. These call centers and BPOs rise to the level of representing the brands that engage them.

What is GPDR?

Against this backdrop of various compliance mandates, the General Data Protection Regulation laws arrived in 2018 with great fanfare. Commonly called GDPR, the European Union (EU) enacted this legislation, and it requires businesses to protect EU citizens’ personal data and privacy.

Since it’s impossible to ascertain a person’s citizenship using standard call center or business process outsourcing tools, any global business must comply with GDPR.
GDPR enacts a sweeping set of rules about personal data, starting with consent. According to the GDPR site, “Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”

Building on that accumulated data, there are extensive rules about data privacy. Data protection falls into two categories: data protection and data privacy. For GDPR, data protection is keeping data safe from unauthorized access. On the other hand, data privacy guarantees that users retain the right to make their own decisions about who can process their data and what they can do with it.

For any organization planning a GDPR compliance initiative, you can find everything on the GDPR.eu site, including a compliance checklist and templates to get you started.

GDPR for Contact Centers & Business Process Outsourcers

Call centers will need to wrap their arms around the organizational behaviors that treat personal data differently now that GDPR has set a benchmark for privacy legislation. In essence, we need to start thinking about personal data from the perspective of the person.

Data protection becomes a priority. People get assigned to the job of promoting the tenets of data security and data privacy. This team monitors collected, stored, and processed data. Transparency dictates that we report data breaches to affected parties in a timely fashion.

Call recording isn’t a default setting anymore. Call recording falls under the consent umbrella of specific, informed, and unambiguous. A set of official rules governs the reasons for call recording, so “This call may be monitored or recorded for quality assurance purposes” may be on the way out. To record a call, you need a reason that benefits the caller, and she must agree to the recording.

Third parties secure the data and keep it accessible to its owner. Call centers and BPOs that store data are responsible for its security and access. Companies that outsource to call centers and BPOs are likewise accountable for that data. Data must be safe, and the data owner must have access to move or remove their registered data. Moreover, any data owner can invoke the GDPR right to be forgotten and have their data removed.

The Future of Privacy for Contact Centers & Business Process Outsourcers

The penalties for GDPR non-compliance can be steep. In late 2019, ZDNet reported that the German Federal Commissioner for Data Protection and Freedom of Information slapped mobile services provider 1&1 Telecommunications with a 9.55m ($10.65m) fine.

The reason? 1&1 Telecommunications did not effectively protect its customers’ personal data. Anyone calling 1&1’s call centers could access customer information with a name and date of birth.

Leaving aside the financial and legal penalties for non-compliance, more significant considerations should drive BPOs into the arms of GDPR’s intent.

As consumers increasingly understand and question how third parties manage their dataโ€”pushing back on the surveillance economyโ€”businesses must embrace responsible customer-centric behavior concerning data.

This imperative parallels the drive for customer experience excellence. As users grow to expect more competent, seamless support that keeps getting better, more proactive, and more anticipatory, their sensitivity to data use matures. They understand that data permits these strides in customer support efficacy. One manifestation of data use that has hopefully reached its twilight: uninvited, stalker ads are waning. Government intervention is one reason; another is that people don’t like it.

Businesses who champion the customer ultimately win, not because legislation mandates these consumer protections, but because they make winners of all stakeholdersโ€”consumers, BPOs, and client organizations.

These organizations, cognizant of the human rights to privacy and data ownership, deliver an experience that anticipates customer needs for assistance and their need for data custodians that they can trust.

Read More

Avatar photo
Harry Fozzard works with the marketing team at Open Access BPO, one of the world's leading high-touch multi-lingual service providers. He's been working at the intersection of marketing and offshore outsourcing since 2002. He's dived throughout SE Asia and Australasia
Join us on facebook
Open Access BPO 6 hours ago
Open Access BPO has officially launched OACIS, its very own coaching tool designed to introduce new paths to employee improvement. With how comprehensive the tool is, expectations are high for how transformative it can be.

Learn more about OACIS here: https://buff.ly/3YYqi9h

----------
We're committed to continuous improvement, striving to deliver exceptional service to our partners and their customers.

Learn more about how we can help your business thrive, please reach out to our team: OpenAccessBPO.com

#WeSpeakYourLanguage
#EmployeeManagement #SkillsTraining
#EmployeeExperience #TalentDevelopment
Open Access BPO 7 days ago
The holiday season is a double-edged sword for businesses. On one hand, itโ€™s a golden opportunity to boost sales. On the other, itโ€™s a daunting challenge to maintain exceptional #CustomerService amid the surge in inquiries and heightened expectations.

But fear not, brands, big or small! We know how to elevate your customer service game this holiday season: https://buff.ly/3OreCax

----------
You don't have to face the holiday rush alone.
Partner with a trusted #CustomerSupport call center that's powered the success of industry giants: https://buff.ly/40NMcP9

#WeSpeakYourLanguage
#CustomerSupport #CX #CSat
#CustomerSatisfaction #CustomerExperience
Open Access BPO 7 days ago
๐——๐—ฎ๐˜ƒ๐—ฎ๐—ผ is one of today's leading #BPO destinations, contributing to the #๐๐ก๐ข๐ฅ๐ข๐ฉ๐ฉ๐ข๐ง๐ž๐ฌ' distinction as a premier player in the global #outsourcing scene. The city's economic strength proves its capacity to host rich #offshoring investments.

Its provincial rates, coupled with a population of highly skilled professionals make #Davao an ideal budget-friendly option for English language #BackOffice solutions.

Fuel your ๐›๐ฎ๐ฌ๐ข๐ง๐ž๐ฌ๐ฌ ๐ ๐ซ๐จ๐ฐ๐ญ๐ก with ๐œ๐จ๐ฌ๐ญ-๐ž๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐›๐š๐œ๐ค ๐จ๐Ÿ๐Ÿ๐ข๐œ๐ž ๐ฌ๐ฎ๐ฉ๐ฉ๐จ๐ซ๐ญ delivered from ๐Ž๐ฉ๐ž๐ง ๐€๐œ๐œ๐ž๐ฌ๐ฌ ๐๐๐Ž ๐ƒ๐š๐ฏ๐š๐จ: https://buff.ly/3AMLpDq

----------
๐„๐ฑ๐ฉ๐ฅ๐จ๐ซ๐ž ๐Ž๐ฉ๐ž๐ง ๐€๐œ๐œ๐ž๐ฌ๐ฌ ๐๐๐Ž
โ€ข Our Solutions: https://buff.ly/3YMscKj
โ€ข Our Other Locations: https://buff.ly/4evCh41

#WeSpeakYourLanguage
Open Access BPO 7 days ago
๐—˜๐—ฐ๐—ผ๐—บ๐—บ๐—ฒ๐—ฟ๐—ฐ๐—ฒ ๐—ฏ๐—ฟ๐—ฎ๐—ป๐—ฑ๐˜€ ๐—น๐—ผ๐˜€๐—ฒ ๐—ฎ ๐˜€๐˜๐—ฎ๐—ด๐—ด๐—ฒ๐—ฟ๐—ถ๐—ป๐—ด $๐Ÿฐ๐Ÿด ๐—ฏ๐—ถ๐—น๐—น๐—ถ๐—ผ๐—ป ๐˜๐—ผ ๐—ณ๐—ฟ๐—ฎ๐˜‚๐—ฑ ๐—ฒ๐˜ƒ๐—ฒ๐—ฟ๐˜† ๐˜†๐—ฒ๐—ฎ๐—ฟ.
And this loss is expected to grow annually unless online retailers make a significant move to strengthen their #DataSecurity strategies.

๐—›๐—ผ๐˜„ ๐—ฐ๐—ฎ๐—ป ๐˜†๐—ผ๐˜‚ ๐—ฝ๐—ฟ๐—ผ๐˜๐—ฒ๐—ฐ๐˜ ๐˜†๐—ผ๐˜‚๐—ฟ ๐—ฏ๐—ฟ๐—ฎ๐—ป๐—ฑ ๐—ณ๐—ฟ๐—ผ๐—บ ๐˜๐—ต๐—ถ๐˜€ ๐˜๐—ต๐—ฟ๐—ฒ๐—ฎ๐˜?

๐—ฆ๐˜๐—ฎ๐—ฟ๐˜ ๐—ฏ๐˜† ๐—ถ๐—ฑ๐—ฒ๐—ป๐˜๐—ถ๐—ณ๐˜†๐—ถ๐—ป๐—ด ๐˜๐—ต๐—ฒ ๐—ธ๐—ถ๐—ป๐—ฑ๐˜€ ๐—ผ๐—ณ ๐—ณ๐—ฟ๐—ฎ๐˜‚๐—ฑ ๐˜๐—ต๐—ฎ๐˜ ๐˜๐—ต๐—ฟ๐—ฒ๐—ฎ๐˜๐—ฒ๐—ป ๐—ผ๐—ป๐—น๐—ถ๐—ป๐—ฒ ๐—ฏ๐˜‚๐˜€๐—ถ๐—ป๐—ฒ๐˜€๐˜€๐—ฒ๐˜€ ๐—น๐—ถ๐—ธ๐—ฒ ๐˜†๐—ผ๐˜‚๐—ฟ๐˜€:
https://buff.ly/4hOEN8y

---------
For secure #outsourcing services trusted by global brands, elevate your business.
Contact us today: https://buff.ly/4fKNQpa

#WeSpeakYourLanguage
#InformationSecurity #InfoSec
#InternationalFraudAwarenessWeek
#FraudDetection #FraudAwarenessWeek
Open Access BPO 9 days ago
๐—˜๐—ฐ๐—ผ๐—บ๐—บ๐—ฒ๐—ฟ๐—ฐ๐—ฒ ๐—ฏ๐—ฟ๐—ฎ๐—ป๐—ฑ๐˜€ ๐—ฎ๐—ฟ๐—ฒ ๐—ฐ๐—ผ๐—ป๐˜€๐˜๐—ฎ๐—ป๐˜๐—น๐˜† ๐—ผ๐—ป ๐—ด๐˜‚๐—ฎ๐—ฟ๐—ฑ ๐—ฎ๐—ด๐—ฎ๐—ถ๐—ป๐˜€๐˜ ๐—ณ๐—ฟ๐—ฎ๐˜‚๐—ฑ๐˜€๐˜๐—ฒ๐—ฟ๐˜€. ๐—ช๐—ถ๐˜๐—ต ๐˜๐—ต๐—ฒ ๐˜€๐—ฎ๐—ณ๐—ฒ๐˜๐˜† ๐—ผ๐—ณ ๐˜๐—ต๐—ฒ๐—ถ๐—ฟ ๐—ฐ๐˜‚๐˜€๐˜๐—ผ๐—บ๐—ฒ๐—ฟ๐˜€ ๐—ต๐—ฎ๐—ป๐—ด๐—ถ๐—ป๐—ด ๐—ถ๐—ป ๐˜๐—ต๐—ฒ ๐—ฏ๐—ฎ๐—น๐—ฎ๐—ป๐—ฐ๐—ฒ, ๐˜๐—ต๐—ฒ๐˜† ๐˜€๐—ต๐—ผ๐˜‚๐—น๐—ฑ ๐—ฏ๐—ฒ!

While internal security measures are crucial, there's strength in numbers.
Luckily, you don't have to face them alone.

#CallCenter outsourcing can be your secret weapon in the fight against these criminals.

Here's how #CallCenter outsourcing can be your reinforcement against these criminals: https://buff.ly/3Z0GZCa

----------
Partner with an #outsourcing partner that keeps #InfoSec a top priority alongside great #CustomerExperience: https://buff.ly/3YYV970

#WeSpeakYourLanguage
#InformationSecurity #InfoSec
#InternationalFraudAwarenessWeek
#FraudDetection #FraudAwarenessWeek
Open Access BPO 10 days ago
It's crucial to meet your customers' expectations, but sometimes unforeseen circumstances can get in the way.

Here's a quick guide on how to handle those challenging moments and come out stronger with our #CustomerSupport strategy: https://buff.ly/3O7gYLa

----------
Let's turn mishaps into opportunities: https://buff.ly/3O26Bsc

#WeSpeakYourLanguage
#CustomerExperience #CX #CSat