Call Center Compliance: What You Need to Know
Call center compliance refers to the standards that a call center must follow to protect its customers and the sensitive data shared during their interactions with call center agents. These standards are defined by specific laws and regulatory agencies such as the following:
- Telephone Consumer Protection Act (TCPA): This law regulates telemarketing calls and is overseen by the Federal Communications Commission (FCC).
- Payment Card Industry Data Security Standard (PCI DSS): This is the global security standard for companies that handle credit card transactions.
- Health Insurance Portability and Accountability Act (HIPAA): Protects sensitive health information from being disclosed about a patient without their knowledge or consent.
These contain just some of the many rules call centers must comply with. They can be hard to keep track of, especially if they also have to comply with the standards set by other countries.
Compliances Call Centers Must Follow
Here’s a brief rundown of some general standards call centers should adhere to and some tips on staying compliant.
They Must Have Consent from Agent and Customer to Record Conversations
Here in the US—and in many countries around the globe—call centers must first ask for the customer’s consent before recording the conversation (usually for data gathering purposes). This applies to both inbound and outbound calls.
One common mistake is that the agent, or the call center as a whole, might assume that informing the customer that the call will be recorded can be considered consent. However, they have to get a clear response from the customer before proceeding. Not doing so would violate the TCPA.
Agents Shouldn’t Contact Numbers in the DNC List
The Do Not Call (or DNC) registry is a list that people can add their numbers to if they don’t want to receive telemarketing calls that involve sales pitches. Call centers have to be careful and avoid calling numbers from this list, as they could face penalties of over $43,000 per call.
The call center can prevent such mistakes by staying updated on the registry and providing lists to their outbound agents. If they call a DNC-registered number, it should only be for purposes such as:
- Providing information
- Debt collection
Call Centers Must Not Record Credit Card Data
The PCI DSS forbids call centers from collecting credit card information such as CVV, magnetic stripe data, and PINs when recording calls. Some tools used to prevent this include implementing a “pause recording” feature while the customer shares their credit card data.
The call center management should also ensure that their agents do not store the credit card information for themselves. Searching for paper with possible credit card numbers written on it is one of the measures to take.
Agents Cannot Threaten Customers to Pay Bills
Many call center agents are tasked with following up with consumers regarding their bill payments. However, some clients can become hostile when questioned about money issues. Nonetheless, the call agent should avoid harassing, threatening, or speaking abusively to the consumer. The call center would violate the Fair Debt Collection Practices Act.
You can avoid this violation by distributing a phone script for agents to use when dealing with an aggressive client. There should be no insulting language directed at clients in the script.
How to Keep a Call Center Compliant
Here are a few ways you can avoid having problems with call center compliance:
- Keep a Compliance Checklist: Staying updated on your industry’s compliance requirements will help your call center avoid accidentally breaking any rules.
- Create a Data Security Policy: You can implement company-wide compliant security measures to prevent leaks, such as tracking employees who regularly handle sensitive data. Your call center’s computer systems should also be secured against data breaches.
- Provide Regular Agent Training: Agents can receive routine training on handling calls and using tools to remain compliant.
We Take Call Center Compliance Seriously
Your company can outsource the work to an experienced call center service provider like ROI Solutions to maintain a compliant call center. We’re regularly updating our teams on new regulations so that our clients stay compliant. To learn more about how we can serve your business, you can check out the rest of the site or message us online.