Consumers are rightly concerned about the safety of their financial information. A series of high-profile data breaches have underscored the risk for the general public, such as the recent hacking at Target (News - Alert) that compromised information for tens of millions of customers.
To maintain consumer confidence, uphold quality standards, and protect vital data such as payment card information, companies with contact center operations must take measures to proactively keep data secure and maintain compliance with PCI (News - Alert) regulations. It’s important to find a solution that allows the company to control use of data and ensure delivery of quality services.
With the right workforce optimization solution, companies can remain in compliance with PCI, keep their customers’ data from falling into the wrong hands, and protect themselves from potentially hefty fines and significant legal liabilities. So how does a top-notch workforce optimization solution help contact centers achieve compliance with PCI requirements?
Flexibility has to be built into the solution. Contact center managers should look for a system that enables flexible call recording as well as secure storage and management of data and easy record retrieval. Ideally, the solution should empower the organization to achieve and maintain regulatory compliance – no matter what the industry. Here are some of the features that enable compliance with PCI and other regulatory standards:
Automated blackout: An automated blackout feature protects sensitive data by preventing the recording of confidential information. A system that uses start-and-stop triggers to identify the portion of interactions that contain sensitive information and pauses voice and desktop recording of that data helps companies make sure payment card information remains secure.
Secure audio and desktop recording: Storing audio and desktop recordings on the fly using robust 256-bit file-level encryption protects customer data by requiring a password or key file to access information.
Network encryption: Client-server communications during recording and in playback mode require another layer of security. Network encryption using SSL protects sensitive information at the network level.
Data access controls: Another important component of PCI compliance is the ability to accurately track all activities within an application. Contact center managers with the ability to conduct trace audits can easily determine who accessed system recordings for playback, export, and other functions.
Automated archiving and purging: In addition to PCI regulations, companies typically have their own business rules and government regulations to address. For that reason, customizable archival rules that enable automatic archiving and purging according to the company’s needs streamlines compliance.
When managing a contact center that handles transactions requiring sensitive payment information, it’s important for companies to consider all angles to protect vital customer data and achieve and ensure continued PCI compliance. Finding the right solution can streamline the compliance process and reduce exposure to legal liabilities.
To identify the right compliance partner, it pays to carefully assess business requirements and find a system that is integrated with the technology used in the contact center operation. An ideal PCI compliance solution not only protects consumer information – it safeguards the company’s most valuable asset: its reputation.
Matt Madzia is vice president of research and development at Uptivity (www.uptivity.com), formerly CallCopy (News - Alert).
Edited by Stefania Viscusi
