Brought to you by IPC Tech — Platinum Certified Mitel Support Partner specializing in connecting your business applications to optimize your communication experience.

A personalized contact center experience has become a standard expectation. Customers expect you to know how they prefer to communicate, what they’ve purchased and why, and even what they didn’t buy and why. Meeting these expectations requires organizations to collect and store a wide range of personal information in the contact center, which serves as a focal point for customer service.

It’s the classic debate of personalization vs. privacy. How do you deliver the personalized contact center experience customers while responsibly sharing data and complying with increasingly stringent privacy laws?

If you do business with European customers, you’re compliant with the General Data Protection Regulation (GDPR) … right? The GDPR gives Europeans more control over their personal data, which means that organizations must establish strict policies and procedures for managing that data. Fines for noncompliance with the GDPR are severe.

As expected, stricter data privacy rules have made their way to the U.S. with the California Consumer Privacy Act (CCPA) going into effect on Jan. 1, 2020. Organizations that serve California residents and have annual gross revenues exceeding $25 million must comply. The law also applies to any organization that receives or discloses the personal data of at least 50,000 people, or that gains at least half of its revenue from the sale of personal.

Keep in mind that you don’t have to operate your business or contact center in California. If you meet the criteria of the CCPA, you have to comply.

The CCPA gives California residents four basic rights involving their personal data:

• They have the right to know what data about them is being collected, the source of that data, how it’s being used, whether it’s being disclosed or sold and, if so, to whom.
• They have the right to opt out of allowing an organization to sell their data to third parties.
• They have the right to require an organization to delete their data, with exceptions.
• They have the right to equal service and pricing. In other words, an organization can’t hold it against customers for exercising their privacy rights.

California is the first state to enact such standards, but it certainly won’t be the last. Other states are likely to follow the CCPA model and develop their own regulations.

The first step to preparing your contact center for the CCPA is to perform a thorough assessment of your data privacy policy, data inventory, data collection and storage practices, and standard operating procedures. You should also evaluate the technology used in the contact center and the availability of resources that can be used to establish and maintain compliance.

Your contact center assessment will help you identify gaps between CCPA requirements and existing operations so you can build a roadmap for compliance. This typically includes updating your data privacy policy, creating a data management plan that aligns policy with current regulations, and making sure requirements are satisfied across all communication channels. If you have a legacy contact center platform, it may be time to implement a unified communications solution that integrates the various channels and eliminates data silos.

If your customer relationship management (CRM) system integrates with your contact center, make sure you understand all data sources, how personal data moves in your organization, and where this data is stored, viewed and shared. This will allow you to respond to customer requests about their data, using the CRM as a single version of the truth.

IPC can assess your current data center and determine if an upgrade can facilitate compliance with the CCPA and similar regulations. Let us help you implement a modern contact center solution that seamlessly integrates with your CRM and other business applications without compromising data privacy.