As of May 2018 you now have to comply with GDPR if you engage with customers in the EU – regardless of where you are based.

What does GDPR mean for contact centres?

As a contact centre you’re at the heart of your organisation’s engagement and on the front line of customer service. You are therefore more than likely to be exposed to, handle, use or store your customers’ personal data, which means that GDPR will apply to you.

Data security matters to consumers – your customers. Recent research by Thales e-Security revealed that half of UK consumers don’t believe commercial organisations care about their privacy. In fact, UK consumers are becoming increasingly reluctant to trust anyone with their personal information, especially in retail, banking or travel. What’s more, 77% suggested that a failure to comply with GDPR would negatively impact their perception of an organisation.

Can you afford to lose your customers to the competition?

If you take card payments and GDPR is on your mind, it’ll be worth looking at PCI DSS solutions to help you on your path to compliance.

Taking card payments exposes your contact centre to sensitive payment details. At the same time, you’ll be gathering personal information too – such as name, address, postcode or IP address. Using a PCI DSS secure payment solution such as CallGuard can help you make all this data secure.

Eckoh have long held the belief that de-scoping your entire contact centre is the most secure way to protect sensitive and personal data. If you don’t store this information in your environment at all, then it’ll be one less requirement that you need to worry about when it comes to GDPR compliance.

With data breaches, card data exposure, ransom attacks and other, increasingly clever, scams to obtain personal card data, it’s time to make sure your contact centre is secure. Your customers take their data seriously, so you need to do the same to protect your business.

What is GDPR?

GDPR (General Data Protection Regulation) is intended to improve how data is protected and to increase the accountability of those that suffer data breaches.

GDPR is the most comprehensive data privacy regulation to date and allows individuals to have better control over their own data. Because of this, it presents challenges to organisations that process the personal data of any EU citizen: any organisation that handles or uses personal data from EU citizens is obligated to comply with GDPR, regardless of where it is headquartered. If you don’t, you could face heavy fines of up to €20 million or 4% of your global turnover.

GDPR and Brexit:

The UK Government has already stated that it will implement the same regulation for the UK so that after Brexit there will still be a common standard to apply to data protection. For that reason, compliance remains a priority - now and in the future.

What is ‘personal data’?

GDPR re-defines personal data as ‘any information relating to an individual, whether it relates to his, or her, private, professional or public life’. This is a wider definition than in previous data protection legislation.

Personal data could be:
  • Name
  • Home address
  • Photo
  • Email address
  • Bank details
  • Social media posts
  • Medical information
  • A computer IP address

Any data set that can be used to identify an individual is required to be regulated by GDPR.

How can Eckoh solutions help?

Eckoh is a world-leading provider of secure payment and customer engagement solutions that address this very challenge. Our patented solution, quite simply, makes this personal data secure. If it’s not there it can’t be stolen so, should you be unfortunate enough to suffer a data breach, no customer personal or payment data would be exposed. Our solutions are PCI DSS compliant and so can help towards your overall GDPR obligations.

The Payment Card Industry Data Security Standard (PCI DSS) addresses specific issues around storing, processing or transmitting sensitive card data. Achieving compliance with this standard will most definitely contribute to your overall GDPR compliance plan.

If PCI DSS is unfamiliar to you and you’re not sure what it can do for you, then take a look at the PCI DSS Help page and the compliance solutions that Eckoh offers, from agent assisted and automated payments to Live Chat Pay or Apple Pay. Alternatively, download the resources below for deeper insight.

The PCI DSS Definitive Guide

The Definitive Guide

A practical guide to all you need to know about PCI DSS and how to get started.

CNP Crime in Contact Centres eGuide

The Rise in CNP Crime in Contact Centres

Find out what’s happening, who’s doing it and how you can combat it.

Secure Payment eGuide

PCI Guide to Safe Payments

Simple things you can do to make payments safer.