With less than 200 days until GDPR comes into effect throughout the EU and UK do you know what impact it will have on your business? There is also a large misconception surrounding GDPR, as it is an EU law many UK businesses believe that once the UK leaves the EU that GDPR will no longer affect them, this is entirely wrong. The government has reiterated that even post Brexit the GDPR will still be in effect, so there’s no putting temporary measures in place to ensure that you are fully compliant while still bound by EU law.
The GDPR is a whole new set of legislation and regulations to govern how data is captured and ultimately stored, these stricter rules will especially have an effect on contact centres. Hubs of data collection and processing, there are over 6,200 contact centres in the UK with around 4% of the UK’s population being employed at a call centre. However, failure to comply comes with an even bigger price tag under the GDPR than it does under current legislation. Depending on the size of the breach a company could be looking at a €10 million fine or 2% of the company/group’s worldwide sales (whichever is the greatest amount) for a smaller scale breach or €20 million or 4% of the company/group’s worldwide sales (again, whichever amount is greatest). With larger fines there’s even more incentive now than ever to get fully compliant.
Whether you operate a contact centre directly in house or outsource any contact centre requirements all businesses still need to think and be aware of the impact the new GDPR legislation will have on every process within that process from data collection to processing and then storing that information.
For contact centres a major impact is how the GDPR sets out to define what personal information is. For example, under current legislation definitions have been narrow and precise whereas the GDPR covers any and all data that can be used to identify an individual, either a single piece of data or a data that can be used in combination with other pieces of data. This new ruling means all personal data is protected under GDPR, businesses need to be conscious of how they store any personal information as individuals also have the right to access their details at any time and modify it or ask for it to be removed promptly.
Contact centres need to ensure they have the right infrastructure to manage such requests of individuals and to complete them to the satisfaction of both the individual and the GDPR. The new data regulations actually suggest that self-service is the best approach for providing this ability. All businesses will need to review their data protection processes and systems to ensure that they are able to comply with the incoming GDPR and if they discover that they will not they need to upgrade and update their systems in line with the new legislation.
Although the GDPR is bringing about a large change, it is a change for the better as it will undoubtedly improve standards around privacy and data protection, minimising and moving to eradicating data breaches like those that we have witnessed in recent years.
Get in touch with us here at C3 to see how we can help you, contact our team on 01223 427700 or email firstname.lastname@example.org.