Protecting confidential customer data is a complex process. Chances are your contact center records calls – for quality, for proof of payment, or possibly for compliance purposes. One key question that continues to take center stage is: how do you uphold the integrity of those recorded interactions, while still maintaining customer security and following business regulations?
There are both the positive effects and the challenges that contact center managers are experiencing as they work to achieve and maintain compliance with the PCI DSS (Payment Card Industry Data Security Standard). Some of the most common issues are:
1) Key drivers such as increased awareness of the standard and associate penalties, new guidance specific to call recording in contact centers, and new global deadlines are propelling PCI DSS uptake and impact.
2) PCI Security Standards Council guidelines fluctuate– This has been especially true with regard to guidance pertaining to contact centers this year! Find out who in your company keeps on top of PCI guidance and have a plan for regular communication of any changes that apply to your group. Also, be aware that a revised version of the standard itself (PCI-DSS version 1.3) is due out in October, so you’ll want to be looking for that and any ways it may impact your business
3) Improvements in data security – Some of the best ways to improve customer data security are to
–Maintain all database servers on which payment card information is stored in secure data centers with restricted physical access
–Ensure the data within the QA/recording and CRM solutions are encrypted using strong encryption protocols
–Ensure that the card validation is not stored in an audio format (e.g., wav, mp3, mpg, etc.) that can •be queried.
–Restrict access to QA/recording and CRM data containing payment card data based on the user’s log-in account and corporate role
–Prevent all screen and voice recordings that include payment card data from being sent to individuals without first being encrypted
–Limit the amount of time that card information is kept on the QA/recording server and CRM solution databases, while ensuring compliance with any other regulations that may have data retention standards
In a June 10th webcast, Discover the Impact of PCI Compliance on Your Contact Center: The Good, the Bad & the Ugly, Kristyn Emenecker, Product Marketing Manager, Enterprise Contact Center, Verint® Witness Actionable Solutions® will discuss these issues in detail. She will also address how to apply best practices from leading customer contact centers