Contact centres 'woefully unprepared' for GDPR

Less than one fifth feel prepared, 60% still need to make changes and 5% are not prepared at all.

  • 6 years ago Posted in
A new study by voice security services company, Aeriandi, reveals that many UK contact centres still have significant preparation to complete ahead of 25th May, the ‘go-live’ date for the EU’s General Data Protection Regulation (GDPR).

The study, carried out at the Call & Contact Centre Expo in London in March 2018, shows surprisingly low levels of awareness of the regulation itself, and that the number of contact centres on course to comply with the new regulations ahead of, or by, the deadline is low.  

Key findings include:
  • Almost one quarter (24%) do not know what GDPR is. 
  • Over half (60%) still need to make changes and 5% are not prepared at all. Only 19% of respondents are prepared.
  • 70% are aware how GDPR will impact the contact centre, but are not confident they know how. 
  • Less than one third (29%) feel confident they completely understand how GDPR will impact the contact centre.
  • Less than one third (32%) of respondents say they definitely can deliver GDPR subject access requests (SAR).
Low awareness levels of how GDPR will impact call recording

Contact centres, particularly those that store call recordings, manage a wealth of personal information.  The new regulation covers any data that can be used to identify a person – either on its own or in tandem with other data.  Any call recordings stored by contact centres will fall under GDPR.

However:
  • 68% of respondents are not confident they understand how GDPR will impact call recording in the contact centre.
  • 6% do not think it will impact call recording in the contact centre at all. 
  • Only around one quarter (26%) are confident they understand how the new regulation will impact call recording in the contact centre. 
Access rights have the potential to delay compliance

Known as Subject Access Rights (SARS), the new regulation will give individuals the right to make reasonable requests to access their personal data, as well as the right to request any of their personal call data be erased.  This will place more stringent requirements on the storage and back up of customer voice recordings.

However:
  • More than a quarter of respondents – 28% – stated they are not confident their contact centre can deliver on SARs that meet GDPR requirements.
  • 46% either don’t know, or are not confident their contact centre can deliver on SARs.
Matthew Bryars, co-founder and CEO at Aeriandi, commented: “Organisations need to identify the areas where they are yet compliant and create a plan of action.  Contact centres will require a technology approach to meet the challenges effectively. The time to act is now.”
Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets...
Research from Avast has found that employees in almost a third (31%) of Small and Medium...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53%...
Trend Micro has published new research revealing that 90% of IT decision makers claim their...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real...