Privacy Do's and Don'ts for Customer Service Representatives

Presentation delivered through Lorman Education, focused on privacy best practice for customer service representatives.

Published in: Business

  1. PRIVACY DO’S AND DON’TS FOR CUSTOMER SERVICE REPRESENTATIVES
  2. PRIVACY DO’S AND DON’TS FOR CUSTOMER SERVICE REPRESENTATIVES
     • Last month a major telecommunications company was hit with a $25 million fine for data protection violations that occurred in 2013 and 2014 in several of its outsourced contact centers in Mexico, Colombia, and the Philippines.
     • The fine was part of a settlement that the telecommunications company reached with the Federal Communications Commission (FCC).
     • In several incidents, employees at the company’s contact centers reportedly passed the names, full or partial Social Security numbers, and other account information of about 280,000 U.S. customers of the telecommunications company to illegal third parties, who then used the information to unlock stolen cell phones.
     • The $25 million fine is the largest data security enforcement action to date for a consumer privacy breach.
  3. CONSUMER PRIVACY – EXTERNAL THEMATIC ISSUES
     • Safeguarding customer information is everyone's responsibility.
     • Failure to safeguard customer information is expensive for companies.
     • Civil, criminal, legal and regulatory costs are rising for companies.
     • With Social Security numbers, especially when paired with other personal information such as names, addresses, email addresses, employment records and birth dates, a hacker can make between $250 and $400 each.
     • Keeping valuable customer data out of the hands of cyber-thieves is a constant battle.
  4. THE TOTAL NUMBER OF DATA BREACHES HIT A RECORD HIGH OF 783 IN 2014
     [Chart: Reported Data Breaches in the United States Since 2010. X-axis: Years (2010 to 2014); y-axis: Number of Data Breaches (0 to 800). Source: Identity Theft Resource Center (ITRC)]
  5. CONSUMER DATA PROTECTION LAWS HAVE EVOLVED IN RECENT YEARS RESULTING IN HEIGHTENED COMPLIANCE AND RISK MANAGEMENT ISSUES
     1. Health Insurance Portability and Accountability Act (HIPAA), applicable to the health care industry
     2. Gramm-Leach-Bliley Act (GLBA) "safeguards" regulations for financial institutions
     3. State insurance law analogs to the GLBA Safeguards Rule, applicable for financial institutions
     4. State laws governing businesses that maintain personal information of residents (e.g. Massachusetts, Nevada and California)
     5. A Massachusetts "Written Information Security Program" (WISP) is required if a company has personal information of Massachusetts residents, even if the company itself is not present in the state.
  6. DESPITE THE GROWING NUMBER OF ATTACKS COMPANIES ARE STILL NOT DOING ENOUGH TO PROTECT PERSONALLY IDENTIFIABLE INFORMATION (PII)
     • Data security downgrade risks - not assigning it the appropriate level of importance
     • Lack of resources and a "critical disconnect" between chief information officers and senior leadership
     • Key Question - Is there a lack of resources and a critical disconnect between heads of customer service organizations and the people employed to serve customers across different channels like phone, email and chat?
  7. COMPANIES MUST ADOPT REASONABLE DATA SECURITY MEASURES
     • First line: Operations and Business Units (design and operation of controls)
     • Second line: Management Assurance (ongoing controls and monitoring)
     • Third line: Independent Assurance (External Audit)
  10. QUALITY ASSURANCE AND INTERNAL CONTROL REVIEWS ARE PROGRAMS TO ENSURE PROTECTION OF CONSUMER PRIVACY
     • First line: Operations and Business Units (design and operation of controls)
     • Second line: Management Assurance (ongoing controls and monitoring)
     • Third line: Independent Assurance (External Audit)
  11. SO WHAT ARE THE PRIVACY DO’S AND DON’TS FOR CUSTOMER SERVICE REPRESENTATIVES?
     Do’s
     • Routinely conduct quality assurance monitors across all of your channels (e.g. voice, email and chat), placing as much emphasis on internal conformance measures as you would on customer experience
     • Establish an internal control review process to supplement your quality assurance program to ensure your customer service representatives are following policies and procedures
     • Create and enforce a clean desk policy
     • Ensure agents press ‘Ctrl-Alt-Delete’ on their desktop computers when they step away from their desks
     Don’ts
     • While your quality assurance program is robust and mature, don’t assume all of your customer service representatives are adhering to your internal conformance measures
     • No process in place to routinely sample end-to-end customer transactions to ensure your policies and procedures are being followed by your customer service representatives
     • You don’t have a clean desk policy
     • Allow customer service representatives to walk away from their cubes without properly securing sensitive customer information
  12. BUILD A CULTURE OF PRIVACY WITHIN YOUR CUSTOMER SERVICE ORGANIZATION
     • Education
     • Compliance
     • Risk-based approach to customer transactions
     • Independent investigative regimes
     • Program for resolving issues that arise
  13. LET’S KEEP IN TOUCH
     Art Hall
     Alvarez and Marsal
     3424 Peachtree Road, Suite 1500
     Atlanta, Georgia 30326
     (404) 759-9158
     ahall@alvarezandmarsal.com
     Twitter: Art_Hall4
     LinkedIn: https://www.linkedin.com/in/arthall