The Do’s & Don’ts of PCI Compliance Contact Center

When it comes to protecting the financial security of your customers, it’s absolutely critical that your call center follows the latest Payment Card Industry Data Security Standards (PCI-DSS) for each of the five major brands. So what are some of the strategies your team can use to stay PCI compliant?

Here are some do’s and don’ts from your friends at DialConnection.

Do use speech analytics to identify sensitive information in captured recordings. This information should be deleted and fully redacted from the recording before the call recording is stored. It is important to make sure this does not contradict any work standards required by your clients. If your client requires a full recording, be sure to limit access to these recordings to prevent misuse of the information.
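The redaction step above, sketched for card numbers only, as an added example that is not DialConnection's code or any vendor's API. It assumes the speech-analytics engine emits (token, start_sec, end_sec) tuples with spoken digits already converted to numerals; the function names and the sample call are constructed for illustration.

```python
import re

DIGITS = re.compile(r"[0-9]+")

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch)
        if pos % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_card_tokens(words):
    """(first, last) token index pairs spelling a 13-19 digit, Luhn-valid number."""
    hits, i = [], 0
    while i < len(words):
        digits, last, j = "", None, i
        while (j < len(words) and DIGITS.fullmatch(words[j][0])
               and len(digits) + len(words[j][0]) <= 19):
            digits += words[j][0]
            if len(digits) >= 13 and luhn_ok(digits):
                last = j                      # keep the longest valid match from this start
            j += 1
        if last is None:
            i += 1
        else:
            hits.append((i, last))
            i = last + 1
    return hits

def audio_spans(words, pad=0.25):
    """Time ranges (seconds) to silence in the recording, padded on both sides."""
    return [(max(0.0, words[a][1] - pad), words[b][2] + pad)
            for a, b in find_card_tokens(words)]

def redacted_text(words):
    """Transcript text with each detected card number replaced by a marker."""
    tokens = [w[0] for w in words]
    for a, b in reversed(find_card_tokens(words)):
        tokens[a:b + 1] = ["[REDACTED]"]
    return " ".join(tokens)

# Constructed sample in the assumed (token, start_sec, end_sec) format.
# 4111 1111 1111 1111 is a well-known test number; the order number fails Luhn.
SAMPLE = [("my", 0.0, 0.2), ("card", 0.2, 0.5), ("is", 0.5, 0.6),
          ("4111", 1.0, 1.8), ("1111", 1.9, 2.7), ("1111", 2.8, 3.6), ("1111", 3.7, 4.5),
          ("expires", 5.0, 5.5), ("12", 5.6, 5.9), ("27", 6.0, 6.3),
          ("order", 7.0, 7.3), ("1234567890123", 7.4, 9.0)]
```

Filler words spoken between digit groups break the run in this sketch, so a production detector needs a tolerance for them, and the returned spans still have to be applied to the audio file itself before it is stored.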

Don’t provide unnecessary customer information to your call center agents. In order to protect your customers’ privacy and financial information, be sure to have your call center solution set to give your agents only the information they need. This can be achieved by masking parts of non-public customer information, such as account numbers and Social Security numbers. By doing this, you will be able to limit the risk of internal misuse of information and prevent sensitive information from getting into the wrong hands.

Do use speech analytics to identify sensitive information in real time and pause the recording when necessary to avoid recording and storing sensitive information. Again, it is important to make sure this does not contradict any work standards required by your clients. Speech analytics can be added to your call center solution and can provide many useful benefits aside from adhering to the PCI-DSS.

Don’t forget about network security. There should be multiple layers of protection between outside forces and your customers’ sensitive information, such as firewalls, email encryption, and internet security. Be sure to keep these up-to-date at all times, as these are your first line of defense against information loss. There’s nothing worse for business than an infrastructure problem, so make sure you don’t lose business because of it.

Do perform monthly self PCI scans. By checking to make sure your business practices are compliant according to the PCI-DSS as well as per your clients’ requirements, you’ll be able to prevent a problem before it happens, or at the very least remedy the situation before it gets any worse. The goal of a self-scan is to protect your agents, your clients, and the customers they serve by becoming aware of your current process and making any necessary changes.

When it comes to remaining PCI compliant, you can keep your call center on the right side of the conversation by implementing these few common-sense tips. If the goal is to protect your customers, you should do everything in your power to ensure their financial security.

At DialConnection, we have experience working with companies like yours and we understand your unique PCI compliance questions. Feel free to give us a call should you have any questions on how to implement these strategies or if you have any additional questions about PCI-DSS in general.

 
