By Rob Crutchington, Managing Director, Encoded looks at the impact of GDPR on contact centres and discusses three ways to help them remain compliant using technology
Contact centres are challenging places. There is certainly plenty to think about with the rising cost of salaries, managing schedules to meet customer demand, looking after staff wellbeing, PCI DDSS compliance and now the added requirements of GDPR (General Data Protection Regulation).
Initial concerns about how the new GDPR regulations would affect contact centres, in terms of increasing costs and complexity of managing enquires, have to some extent dissipated. For those contact centres taking payments and already PCI DSS compliant, it was a relatively straightforward process to embrace GDPR regulations. They had typically invested in secure technologies, encryption and working with third party compliant companies in terms of PCI DSS. On the whole they were able to extend their technology and processes to protect personal data and meet GDPR requirements.
However, other organisations are still evaluating how new ways of streamlining processes can help meet GDPR data governance and management regulation, but are uncertain how to choose the best solution. At Encoded we have identified three ways that contact centres can apply technology to help them remain compliant:
1. Mobile Automated Identification & Verification (ID &V) – often a significant amount of time can be spent on identifying and verifying the caller. Having a person perform this task is expensive and means that customer data is at risk. A customer engagement platform is an alternative way to offer a cost-effective, secure solution to automate the screening and identification process. It can take the customer through set identification questions using Artificial Intelligence (AI) to simulate agent conversations, or it can use SMS text messages to authenticate the device being used. On initial registration and once the two-factor authentication process has been successful, the platform will accept and authorise payment requests that are automatically debited from the card holder’s account.
The advantage of this approach is that all information is encrypted and the agent is not exposed to any personal data, thereby complying with GDPR and PCI DSS. The data is processed and stored securely elsewhere. In addition, having signed up to the service, the customer has agreed to a data handling agreement that sets out how their information can be shared with a third party, ensuring confidentiality.
2. Customer self-service screening using IVR – accepting credit and debit cards via IVR has long proved to be an effective and secure way of taking payments. It allows customers to pay quickly, via their own unique identifiers – a PIN, date of birth, even voice recognition. Again, reducing or removing agent contact time is a more secure way for contact centres and their customers to comply with PCI DSS. Since everything is fully automated and confidential, the client information is stored centrally and securely within the system hosting the data, taking it out of scope for both PCI DSS and GDPR.
Capturing customer data via IVR also enables calls to be routed to the right agent with the correct skills, in the event of a request to speak to an advisor. The agent then has all of the relevant information available to manage the call successfully, but with key identification data screened, thereby ensuring GDPR compliance.
3. Cloud-based third party payment solutions – the third option to consider, and one that has gained significant traction over recent years, is to choose a cloud-based payment service provider. A trusted third party that complies with PCI DSS demonstrates proven adherence to a recognised security standard, which can also help contact centres to meet the GDPR legislation. Companies can apply a process of ‘de-scoping’ to reduce the number of requirements (tick-boxes) for GDPR, in the same way that they might do for PCI DSS compliance.
Of course, like PCI DSS compliance, the responsibility for GDPR cannot be entirely removed from the contact centre, however the effort required can be dramatically reduced by working in partnership with a payment solution provider.
Aligning GDPR and PCI DSS – the route to successful compliance
There is no doubt that GDPR has improved standards around privacy and data protection but at what cost? Contact centres that have worked hard to blend people and technology to enhance data and payment processes in the last year, have typically done everything they can to comply with both GDPR and PCI DSS.
For the rest, the good news is that it’s not too late to review what’s in place and make the switch, to new technology and/or a third party solution provider, to enable a secure, multi-channel seamless route for customer payments. The choice is there for the taking.
This is a Sponsored Feature
The UK’s National Data Strategy – Too Much Love?
By Julian Hayes, Partner at BCL Solicitors LLP
“We want the UK….to be the best place in the world to start and grow a digital business”. With this ambitious aim, the Government has laid out its National Data Strategy, focusing on unlocking the value of data, establishing a pro-growth data protection regime, and championing international data flows to promote economic development. Already a feted success, the UK’s digital sector now stands behind only the US and China in global venture capital funding and directly employs more than 1.5 million people in London and other major UK cities. Despite its laudable aspiration, however, the Data Strategy signals post-Brexit regulatory intentions which risk inhibiting and choking off the future growth of this successful UK industrial sector.
Bonfire of data obligations?
Though it emphasises the importance of public support and maintaining trust in how personal data is used, the Data Strategy highlights business’ lack of clarity about current data protection rules, takes implicit aim at the burden of the current data regime on innovators and entrepreneurs, and laments costly over-compliance and consequent risk aversion. In response, the Data Strategy foreshadows alleviating data compliance obligations, particularly for SMEs, once the Brexit transition period ends on 31 December 2020. Although the Data Strategy carefully avoids specifics, the complexity of the GDPR’s principles-based system and one-size fits all approach have long been a bugbear for micro-enterprises. Indeed, acknowledging concern in its recent two-year review of the GDPR, the European Commission (EC) itself urged national data regulators to lend SMEs a helping hand by offering ready-made templates, training and consultancy helplines. Nevertheless, the EC rejected calls to exempt smaller businesses from GDPR obligations, arguing that data risks were not dependent on an operator’s size.
Cross-border transfer dilemmas
Equally contentious is the Data Strategy’s approach to cross-border data transfers, cited as being of fundamental importance for economic development. The Data Strategy complains that such transfers of personal data are currently being inappropriately constrained and celebrates that the UK will be able to make its own ‘data adequacy’ decisions to allow for extra-territorial personal data transfers in a post-Brexit world. Unlike EC adequacy decisions which involve consultation between the Commission, the European Data Protection Board (EDPB) collectively representing EU data regulators, and member state representatives, UK adequacy decisions will be in the gift of the Secretary of State, subject only to Parliament’s rarely used negative resolution procedure. The Data Strategy effectively suggests UK adequacy decisions will be ‘up for grabs’ in future bilateral trade negotiations.
The transfer of personal data from the EU to ‘third countries’ has been a running sore in relations with the US which has not been granted an EC adequacy decision. The European Court of Justice (CJEU) has twice torpedoed hard-negotiated EU-US personal data transfer mechanisms, first ‘Safe Harbour’ and most recently the ‘Privacy Shield’ on which an estimated $7.1 trillion of annual transatlantic digital trade relied. US-UK trade documents leaked to the media in late 2019 suggested the US was seeking to weaken European data protection in its ongoing free trade negotiations with the UK.
These revelations merely added to pre-existing concern in Brussels, based on the UK’s Investigatory Powers Act (IPA), that Britain’s legal regime already falls short of offering an “essentially equivalent” level of personal data protection to that enjoyed in the EU. Aspects of the IPA have been repeatedly criticised by the European Courts, most recently in Privacy International’s challenge to the UK’s bulk retention powers. UK data sharing with third countries for law enforcement purposes has also raised concern in Brussels, with reservations at the UK’s participation with non-EU allies in the ‘Five Eyes’ agreement and expressions of disquiet by the EDPB and Members of the European Parliament at the implications for personal data protection of the UK-US bilateral data sharing agreement signed in October 2019.
Data adequacy – wait and see
Against this unpropitious backdrop, the prospects of Britain being granted an EC adequacy decision by the end of the Brexit transition period – something which the UK is pursuing – appear somewhat forlorn. From the Commission’s perspective, in the face of concerns over US authorities’ access to personal data, how could it grant an EC adequacy decision to the UK, allowing the free flow of EU personal data to Britain when the UK could, in turn, grant its own adequacy decision to the US, theoretically facilitating EU personal data to flow westwards to the US without what the EC regards as adequate protection? Even were the Commission to grant a EC adequacy decision to the UK, it is likely the decision would quickly face challenge in the CJEU from privacy campaigners. In any event, with the Data Strategy foreshadowing imminent changes to UK legislation, how could the Commission practically compare its own data protection regime with one which is morphing into something as yet undefined? Logic surely dictates it would delay making an EC adequacy decision until the future outline of the UK’s data protection regime becomes apparent.
Tech unicorns tethered
Avowedly aiming to drive UK economic growth by alleviating the deadweight of data protection obligations, the Data Strategy envisages digital entrepreneurs and innovators of the UK’s digital economy powering the country to success after the COVID-led downturn. But with the status quo of the Brexit transition period drawing to a close and an EC data adequacy decision potentially on-hold until the UK’s data protection regime becomes settled, the UK’s tech start-ups may in fact find themselves hamstrung by having to satisfy the EC’s data protection requirements in other ways, including the use of Standard Contractual Clauses and Binding Corporate Rules, if they wish to do business in Europe, adding an unwelcome layer of bureaucracy and expense to their overheads. Looking across the Atlantic, even if a US free trade deal is agreed, those same UK unicorns which the Government wishes to prosper would confront the formidable stranglehold of the US tech giants when seeking to break into the North America market. That would leave them reliant on the altogether smaller domestic market which would likely inhibit their growth. Despite the Data Strategy’s good intentions, its inadvertent consequence may in fact be the stifling of the very sector it was designed to assist.
How to overcome the ‘groundhog day’ effect Of remote working
By Chris Farmer, leadership and management training expert and founder of Corporate Coach Group
The ongoing pandemic means that for many people their place of work has been the lounge, the spare room or the ‘home office’ for more than the past six months. While it might have been a novelty at first, for many the lack of human interaction and spending so much time within the same four walls is becoming monotonous and this could lead to common bad habits which could destroy productivity and peace of mind.
In order to improve productivity and retrain the mind as we head into the winter period, here are some simple but powerful techniques you can use to make the most of working from home.
Don’t work in the room where you rest, relax or entertain yourself
Everyone is affected by their environment. We form strong mental-emotional associations between a particular activity and its location. When we are in a restaurant, we feel like eating; when we are in a swimming pool, we do NOT feel like eating.
When working from home, the associations between “Work” and “NOT-Work” become blurred because the two activities are taking place at the same location.
Consequently, both activities suffer. We feel we are never quite “at work”, and we feel we are never quite NOT at work. We feel we are in a strange “No man’s land” between the two states, and it is unsettling.
It is vital to separate our “work-space” from “rest space”. Ideally, you should have a separate room where you do all your work and NONE of your rest. Your living room is not where you work. If you do not have a separate room, then at least have a separate chair, and face an opposite wall.
We know people who work in their lounge. They sit in the same chair that they will be in, that evening, when watching TV. This is a mistake.
Dress for work, even when at home
Everyone is affected by the clothes they wear. When a police officer, a nurse, or a firefighter gets ready for duty, they put on their uniform. Why? Because every profession has its own identity; and every identity has an associated appearance.
Just because your physical place of work has changed doesn’t mean that your appearance needs to as well, and that’s not just because of video calls and meetings. It’s the same principle as working from your living room, if you adopt the identity of working in your casual clothes you will likely have the same mindset as you do when not at work.
We all know people who hang around the house in their dressing gowns and slippers, working with one eye on the TV and this is not conducive to productive working.
Dress as if you were going to work. Groom yourself as if you were going to work, because you are! When you have finished work, it is equally important to change back into your scruffs and relax.
Don’t allow the media to become your new best friend
People who work at home do not have the company of their colleagues, and so may turn to mainstream news for company. Everyone is susceptible to the suggestive influences of the media, which would be fine, if the media was objective and reasonably optimistic.
Unfortunately, the majority of headlines suggest; “It is bad and it’s going to get worse” and while it’s important for all of us to be aware of the latest updates regarding the pandemic and wider current affairs, it can also have the tendency to fill the mind with negative, pessimistic information.
The constant low-level hypnotic suggestions have an inevitable negative effect on our thoughts, feelings, actions and therefore our outputs. Avoid spending all of your time soaking your mind in the news agenda where possible such as through Facebook or Twitter and concentrate your attention onto something more productive to add value to your life.
Form a “Mastermind Alliance” with like minded people and talk to them every day
We are all profoundly affected by the company we keep and the voices we listen to.
Forming an alliance with two or three like minded individuals who (preferably), you do NOT work with, but who are in a similar position as you can be a really effective way of reminding yourself of the bigger picture and that in a sense we’re all in this together.
Your Mastermind Alliance may be from different companies or even a different industry but it is key this is composed of people who have an upbeat and can-do attitude.
Talk to them every day. The purpose of your mastermind alliance is mutual inspiration and emotional support. We ally ourselves with a small number of the right people: people whom we admire and who will challenge us to be at our best.
Keep good health habits; eat, sleep and exercise well
One of the basics that in particular needs to be prioritised as we head towards the winter is the focus on good health habits.
Why? Everything that we do in life requires energy – even if it’s just engaging your brain to perform your daily work from your desk at home. Energy defines your capacity to do work and it must be generated effectively to allow for maximum productivity.
This means you must maximise sleep, nutrition and exercise to generate sufficient energy while also minimising other negatives such as alcohol, calorific food and smoking, or using coping mechanisms such as comfort eating.
Instead, maximise the quality of your Sleep, nutrition and exercise.
- Sleep eight hours a night
- Eat small but eat well
- Exercise three times a week
- Avoid alcohol where possible
Keep your eye on the end goal
I know many of us are fed up of hearing this advice but it really is important to remember that this pandemic will not last forever. Life will return to some normality again and it’s important that we all continue to focus on our long term aspirations which we had before this all kicked off in March.
The human mind can tend towards one of two states: “goal focused” or “drifter mentality” and it’s important to focus on the former.
When working from home our biggest danger is that we lose our focus. We become distracted, disenchanted and we lose our edge. The solution is to continually monitor our state of mind and to do everything necessary to maintain a “Goal focused mentality”.
Goal focused mentality means continually setting goals: Set goals to:
- Improve your Work life balance (deliberately and knowingly separate your work activities from your non-work activities)
- Improve your dress code, grooming and appearance
- Maintain your professional identity
- Reduce your time on social media
- Engage the services of your mastermind alliance
- Increase the QUALITY of your nutrition
- Increase the quality of your sleep
- Reduce the amount of alcohol
- Increase the quality of your exercise programme.
- Generate more energy.
The only way out of trouble is to go forwards, by setting goals, formulating plans, motivating ourselves to take priority actions, and continually adapt ourselves so we are able to make progress, even when working from home.
Supply Networks: The Future of Procurement
By Sean Thompson, EVP of Network and Ecosystem, SAP Procurement Solutions
No supply chain has been spared by the impact of the coronavirus. Some parts of the world are indeed seeing businesses slowly look toward recovery and a gradual move to a ‘new normal’. But we cannot ignore that small shops and multinational corporations alike will continue to face challenges with regard to their manufacturing, distribution, logistics, and demand functions, as well as their overall financial well-being and that of their business partners.
A contributing factor to this disruption is the traditional, linear supply chain model, where each step is dependent on the one before it. Inefficiencies at one stage result in a cascade of inefficiencies down the line. And when the buyer and supplier are located at either end of the chain, it’s easy to see how collaboration breaks down and end-to-end visibility is nearly impossible.
The resulting reactive and uncoordinated response makes it challenging for procurement teams to know exactly which suppliers, sites, parts and products are at risk, and therefore, extremely difficult to secure new sources of supply in a timely manner.
Fostering the Partner Ecosystem
As businesses grapple with the ramifications of COVID-19, they must learn key lessons as they look to recovery. At the crux of this is rebuilding and restructuring resilient supply chains for a better future. This means moving beyond the traditional linear supply chain model to the implementation of a dynamic, collaborative supply network.
Unlike traditional supply chains, supply networks shift away from singular, point-to-point processes to a many-to-many structure that enables 360-degree visibility. Once an organisation is connected to a network, they become both a buyer and a supplier and gain broad visibility into the interconnected operations of their trading partners. Beyond allowing companies to identify emerging trends or issues more easily, access to a network also enables them to collaborate with new partners, improve cash flow, develop new products and accelerate sustainability.
Connecting to a network that includes producers, vendors, distribution centres, warehouses, transportation companies and retailers contributes to a businesses’ overall ability to move with agility, respond more quickly to demand and address unforeseen circumstances like those we’ve seen this year.
Building the Business Pillars of the Future
The global COVID-19 pandemic has suddenly accelerated the need for organisations to transform and respond to the unplanned and unprecedented. As a different world takes shape, longer term strategies for supply chains and operating models need to be re-assessed and prioritised in order for an organisation to advance in the following three key business pillars of the future: resiliency, profitability, and sustainability.
Digital transformation will play a major role for an organisation to withstand future disruptions and help pivot them toward recovery when disruptions do occur. In turn then, supply networks offer a holistic approach that enables greater transparency between trading partners and help organisations make decisions in real-time. Unlike linear supply chains, supply networks optimise operations and break down functional silos to enable organisations to realise the untapped potential of existing capabilities and achieve higher performance as well as greater value. Indeed, this is demonstrated by recent data from Bain & Company, which reveals how companies with resilient supply chains grow faster because they’re able to move quickly when market demand shifts.
When it comes to an organisation maximising its profit margins, resiliency and profitability go hand in hand. Businesses that run reliable, automated supply chains generate increased revenue because digital supply networks can smooth over any friction, and in turn, maximise the output. With automation and transparency in place, the ROI handles itself and the network becomes a profitability-driving tool.
Finally, businesses should always consider their sustainability goals; not only across their organisation, but within their supply network too. Beyond the need for creating long-term value, sustainability can foster innovation and encourage new ways of thinking that can ultimately lead to increased revenues, stronger customer relationships and improved brand perception. One way this is often addressed is by looking to reduce carbon footprints as a result of operations. However, sustainability exists deep within supply chains, like modern slavery and single-use plastics; these need to be addressed in equal measure too. The use of technology can help spot inefficiencies and risk so that today’s business leaders can instil long-lasting change and dig into the supply chains of their partners and suppliers, prioritising those who are also making sustainability a priority too.
It’s a New Dawn
Transforming from a supply chain to a supply network should support a business’ total digital transformation strategy. By taking advantage of the latest digital tools, businesses can remain resilient and scale at a rate that creates a competitive advantage.
An example of this done successfully is demonstrated by the Danish manufacturing company VELUX Group, which automated 64% of its 20,000 monthly order lines after digitally transforming supply chain operations and streamlining supplier collaboration. Now, the VELUX Group seamlessly conducts transactions with more than 200 vendors and enjoys improved processes, accelerated delivery dates and more time saved.
Digital supply networks are built to anticipate disruptions and mitigate risks. They leverage technology and data analytics to provide a continuous flow of information which allows business leaders to gain a holistic insight to all areas of the business. While moving to a supply network requires fundamental changes to many aspects of an organisation’s planning – from strategy, to business processes, to IT – the ability to keep up with fast-moving market dynamics is essential in today’s business environment more than ever.
The UK’s National Data Strategy – Too Much Love?
By Julian Hayes, Partner at BCL Solicitors LLP “We want the UK….to be the best place in the world to...
B2B plays a big role in our economy, but how can it contribute to our recovery?
By Richard Parsons from True, creative B2B marketing agency, discusses the current state of marketing and looks ahead to what...
UK leads the way in sustainable finance with the first set of requirements for investment management
BSI, in its role as the UK National Standards Body, has today published the first specification for responsible and sustainable...
Why investing should be treated like healthcare
By Qiaojia Li, co-founder and CEO at the award winning wealthtech company, Rosecut For many people, the process of investing...
Endpoint Security Industry: An Overview
Endpoint protection is the practice of stopping unauthorised actors and campaigns from targeting endpoints or access points of end-user computers...
Tech-enabled cash management strategies have come to the fore during the Covid-19 pandemic – and will be key to firms’ recovery from it
By Ed Thurman, managing director and head of Global Transaction Banking at Lloyds Bank Commercial Banking, outlines how technology-enabled solutions are...
5 ways to keep your team connected with split working
By Sam Hill, Head of People and Culture at BizSpace As the government switches its message back to “work from...
How to overcome the ‘groundhog day’ effect Of remote working
By Chris Farmer, leadership and management training expert and founder of Corporate Coach Group The ongoing pandemic means that for...
FinTech in Credit Markets: Efficiency and Potential Risks – Free webinar
As the financial industry’s landscape continually changes, the ever-quickening development in information technology has led to an unprecedented wave of...
The new virtual leaders – adapting your leadership style for a changed workforce
By Debbie Clifford, Head of People and Talent at Olive During this pandemic, organisations across all sectors have witnessed a dramatic...