The popularity of credit and debit cards in today’s society alongside the prevalence of identity theft has led to a recent uptick in interest surrounding the Payment Card Industry (PCI) Data Security Standard (DSS). As you look to secure and protect the data your contact center records, it’s important to understand the PCI DSS and its specific implications for contact center compliance.
Because PCI compliance is such an important issue for contact centers, CallCopy recently sponsored DMG Consulting’s whitepaper, Payment Card Industry Data Security Standard (PCI DSS) Guide for Contact Center Managers. This guide provides critical details about PCI DSS, how it affects call recording applications and what you can do to ensure your contact center operates in compliance with the PCI DSS.
Some of the topics include:
- What is PCI DSS? The PCI DSS is a security standard that includes requirements for security management, policies, procedures, and other critical protective measures and is intended to help organizations proactively protect customer account data.
- The Implications of PCI DSS for Contact Centers – Contact centers are responsible for ensuring that all data transmission systems, network segments and data storage solutions comply with the data security standards.
- Which Standards Apply to Contact Centers? While all 12 requirements may be applicable to some degree, requirements three (protect stored cardholder data), four (encrypt transmission of cardholder data across open, public networks) and 12 (maintain a policy that addresses information security) are especially relevant to contact centers.
- How Should Contact Centers Protect Cardholder Information? There are many steps you can take to protect customer data. For example, you’ll want to ensure that all employees are properly trained about all security policies and procedures. You’re also required to make sure that the data is encrypted using strong encryption protocols.
- PCI and At-Home Agents and Supervisors – At-home agents can present additional risks to PCI compliance, but certain precautions, like ensuring that agent screen and voice conversations are recorded, can help lower the overall risk.