One month to go: is your contact centre ready for GDPR yet? Stephen Ball of Aspect Software gives invaluable advice on what should be in place before the 25th May deadline.
It’s been talked about for what seems like an age, but in just a few weeks it’ll finally become a reality: The General Data Protection Regulation (GDPR) comes into effect on 25th May 2018. It will impact any business that holds personal data on customers, prospects or employees based within the EU, so contact centres should take note! If you want to be fully compliant come May, there are several implications that you’ll need to be aware of.
Under the direction of our global GDPR team, we’ve closely analysed the requirements of the new legislation and how this affects how your contact centre should be preparing itself in the best possible way.
Below, we’ve listed the key steps that contact centres should take to make sure they’re fully in line with GDPR by next month. These are steps we’ve taken ourselves at Aspect, as part of our commitment to secure data management. Compliance will be king in the age of GDPR, so have a look at the below and see whether there’s any last-minute prep that you need to do:
– Complete a full data mapping audit of all activities undertaken by your company or on behalf of customers through your products and services, including: The reason for processing, the subject, different categories of data, the legality of storing this data, where it’s saved and the length of time it’s kept.
– Implement additional privacy features across your entire range of products and services. This will ensure staff and all customers are able to comply with GDPR requirements when interacting through the contact centre.
– Supplement all documentation related to security and processing activities while updating the policies and procedures of each relevant department. In addition to this, make sure there’s a global training programme in place for all staff responsible for handling personal data, including development and cloud operations.
– Develop ongoing data protection impact assessments (DPIA) to identify lawful methods of GDPR-compliant processing that can then be used to assist your customers in conducting their own DPIAs.
– Comprehensively update existing security protocols to detect, report and investigate any instances of data breaches that can be used to improve the notification and communication requirements under GDPR.
– In relation to the transfer of data to the U.S. and countries outside the European Economic Area (EEA), ensure that you provide safeguards that comply with GDPR.
– Ensure that any vendors or third parties who process data are entered into a written agreement to guarantee they are operating under the same strict GDPR compliant guidelines that you apply to your own organisation.
There’s a whole host of rules to contend with as far as GDPR is concerned, but with the right preparations in place and a bit of time spent addressing it, it needn’t be too much to worry about. It’s vitally important to fully understand the key facts within the GDPR guidelines and how these will impact the way businesses engage with their customers. After all, the contact centre will likely be scrutinised more than other areas of the business when it comes to compliance, so it’s important to spend some time getting your house in order, and ensuring that your customers are kept informed about the measures you’re taking.
Once you can confidently say you’re well and truly GDPR-ready, you’ll be in a great position to take your contact centre to the next level.
For more information on Aspect GDPR Click Here.