What executives must know about contact center compliance

Ashley Sava

When it comes to call centers, regulatory compliance is not the place to take risks. Organizations that don’t abide by industry and contact center compliance regulations will face expensive fines and extensive litigation. Keeping the winding list of call center regulations straight can prove difficult for many call centers, but regulation adherence remains a priority for most large call centers—and a common use case for Tethr.

Here are some regulations regarding contact center compliance that managers can’t afford to overlook: 

Call monitoring consent

Several states in the U.S. require consent from both parties in order to record communications. Call centers must remain diligent in educating their teams on state laws. Businesses should implement policies for gaining consent before initiating these customer conversations. Since contact centers often conduct calls across the country, it’s advised to follow the strictest requirements to guarantee 100 percent contact center compliance.

While call centers nearly always tell incoming callers that their calls will be recorded, agents don’t always remember to let the customer know when dialing outgoing calls. Call centers should never assume that advising the caller that they’re recording is enough to prove consent. Some courts won’t uphold it in the rare case a customer sues the center. Explaining how the customer can opt out of the call before the conversation continues is a great way to cover all the bases. 

Recording the CVV2 number on cards is strictly prohibited

The Payment Card Industry Data Security Standard states that call centers are prohibited from recording CVV2 numbers along with other sensitive data such as pin numbers and magnetic stripe data. This applies to both written information along with recorded calls or other forms of communication.

When a call center records customer calls, storing this highly sensitive information is a risk. Call centers can combat this with an API fix that automatically pauses the recording when the call center agent enters the credit card information.

Fair Debt Collection Practice Act

The FDCPA forbids the use of abusive or threatening language or unfair debt collection practices: “A debt collector may not engage in any conduct the natural consequence of which is to harass, oppress or abuse any person in connection with the collection of a debt.” This act applies to contact centers that collect personal consumer debts including credit card payments, cell phone bills and late auto payments. It does not include business debts. Call centers should verify that all agents know how to speak calmly and use nonviolent language when talking to callers.

Do not call

The National Do Not Call Registry gives people a way to opt-out of telemarketing calls by registering their phone numbers online. Contact centers can view the registry online. Large fines can ensue for violators. 

Assume GDPR regulations for contact center compliance

The General Data Protection Regulation (GDPR) issued by the EU impacts call centers that do business with European companies or records information from EU residents.The GDPR strives to grant ownership of sensitive information to individuals. Customers can request all stored data and can ask for it to be erased. Businesses must be able to provide requested information to individuals in a timely manner at no charge and delete it promptly to remain in compliance.

Call Centers can’t share customers’ health data

The Healthcare Insurance Portability and Accountability Act (HIPAA) grants privacy and security of patient health information. Social Security numbers, IP addresses, full face photographic images, geographical identifiers and account numbers must be reasonably safeguarded. In short, businesses must restrict the flow of personal health information and prevent it from being shared with others.

Equal Credit Opportunity Act

The ECOA prohibits businesses from using race, age, color, religion, country or origin, gender, marital status, etc. to determine who qualifies for a loan. 

Agents should be trained on an annual basis

In order to ensure compliance, call center agents should brush up on their knowledge of policies and procedures at least once a year. Agent training should review regulations, include updates to new criteria and give reps a chance to ask as many questions as they need to. This keeps customers safe and employers out of trouble.

Tethr can help with contact center compliance

With the number of rules and regulations for contact centers to abide by, establishing a system to track and record this compliance is critical. Software like Tethr helps businesses improve contact center compliance by listening to all calls, transcribing them into searchable data, and scoring them. Tethr can alert compliance departments to compliance deficiencies before they become major regulatory issues.

Share