VMBlog on the 3rd anniversary of GDPR

Gary E. Barnett, CEO of Semafone
"The European Union's General Data Protection Regulation (EU GDPR) was designed to safeguard personal data in the new digital age. Any firm that collects, processes or stores data on EU citizens must comply – regardless of where they operate, making GDPR a requirement for businesses that operate on a global scale.
Regulatory compliance is particularly challenging for the customer service industry. In contact centers, call recording is essential to facilitating dispute resolutions, ensuring quality control, discouraging fraudulent behavior for both agent and caller, and helping train staff. Under the GDPR, contact centers have to document data processing activity and those that use call recording as part of their training or for quality control purposes need to ensure they obtain consent from the individual. The EU GDPR not only empowers and protects customers, but also puts the control of their personal data into their own hands. Since they’re on the front lines of customer information, call centers must take a holistic look at information security and data processing to ensure customer data and personally identifiable information (PII) is secure and compliant.
The safest way of securing customer data is to not store it in the first place. Although data security technology has improved, masking solutions add another layer to prevent bad actors from hacking your personal information. After all, they can’t hack it if it’s not available."