Personal data now needs to be as secure as payment data.
As a contact center, you are more likely to be exposed to, handle, use or store personal data of your customers. That means that GDPR will apply to you.
Recent research by Thales Security revealed that half of UK consumers don’t believe commercial organisations care about their privacy. In fact, UK consumers are becoming increasingly reluctant to trust anyone with their personal information, especially in retail, banking or travel. What’s more, 77% suggested that a failure to comply with GDPR would negatively impact their perception of an organisation.
What is GDPR?
GDPR – General Data Protection Regulation – is intended to improve how data is protected and to increase the accountability of organisations that suffer data breaches.
GDPR is the most comprehensive data privacy regulation to date and allows individuals to have better control over their own data. Because of this, it presents challenges to organisations that process the personal data of any EU citizen. Any organisation that handles or uses personal data from EU citizens is obligated to comply with GDPR, regardless of where it is based or headquartered. If you don’t, you could face heavy fines of up to €20 million or 4% of your global turnover.
Get in touch today and find out how Eckoh can help you with your GDPR and PCI DSS compliance.
What is ‘personal data’?
GDPR re-defines personal data as ‘any information relating to an individual, whether it relates to his or her private, professional or public life’. This is a wider definition than in previous data protection legislation and covers name, home address, photo, email address, bank details, social media posts, medical information and a computer IP address.
Any data set that can be used to identify an individual is required to be regulated by GDPR.
GDPR & Brexit
The UK Government has already stated that it will implement the same regulation for the UK so that after Brexit there will still be a common standard to apply to data protection. For that reason, compliance remains a priority - now and in the future.
Card-not-Present (CNP) crime in contact centers continues to rise, so it remains a top priority to significantly reduce the risk of fraud and the impact of a data breach. Download the eGuide to CNP crime in Contact Centers for advice on how to combat the threat.
PCI DSS Compliance Explained
For a jargon-free guide to PCI DSS compliance for contact centers, download the eGuide for the answers in one place.
De-Scoping Your Contact Center
If you’re not a payment security expert, achieving, let alone maintaining, PCI DSS compliance can be difficult. Why not consider easing your burden by de-scoping as much of your contact center as you can? Download our guide to ‘Building a business case for de-scoping your contact center’ to set you on your way.