Compliance Issues and Legal Implications around Call Recording

call recording compliance issues

Contact centers are all about customer service. In many cases, it is preferred over cost savings and increasing sales. That’s why contact centers keep finding new ways to ease the service process and improve customer satisfaction. One of the ways they can achieve this is through call recording.

What is Call Recording and Why is it Important?

Call recording, as the name suggests, is the recording of inbound/outbound calls in a contact center. The number of calls recorded may differ from one contact center to another, with some recording all calls which pass through their lines.

You must have often heard a pre-recorded message stating – “This call will be recorded for quality purposes.” This is probably one of the primary reasons for recording a call – to monitor quality and compliance. Longer messages can include a request for consent, additional reasons for recording, and information about how the recording will be used.

The management can use call recording to understand what expectations a customer has from their service and whether the agent on call is able to provide it satisfactorily. Additionally, if an agent receives a highly positive feedback on a call, it can be analyzed to understand what went right and train other agents to follow the same procedure.

Compliance Issues with Call Recording

Quality and customer service aside, call recording is still a complex topic in business. Since it deals with customer information, some of which may be sensitive, there can be a few compliance issues contact centers are not aware. If they fail to protect customer data, they can be subject to heavy fines and their reputation takes a hit.

Here are a few compliance issues related to call recording:

  1. PCI compliance – If your organization deals with selling products and services, you will definitely be collecting and storing customers’ payment information such as credit card details, bank account numbers, etc. As such, you should be following the PCI (Payment Card Industry) guidelines for data security.

One of the most important rules in the book is that you should never store the CVV2 number of a customer’s credit card, no matter how avant-garde your data security features. But, how will you process a transaction without the CVV2? To ensure compliance you can pause the recording when the customer is adding the CVV2 number and resume once done.

  1. Outgoing notifications – Contact centers record not just incoming calls but also outgoing ones. But they do not offer the same call recording notification you hear when you call them. By not doing this, the contact center is not providing an option for consent and/or disconnection of the call. It is good practice to include these notifications whenever a call is being recorded.
  2. ‘Barge’ and ‘whisper’ – In some cases, a supervisor listens in (or barges) on the call either by sitting with the agent or through the contact center’s software program. They can even whisper instructions to the agent without the customer being able to hear. In states such as California, this is prohibited under law and requires consent before continuing with the call. Thus, when recording a notification they should ensure to state the ‘monitoring’ aspect of the call as well.

These make up the cusp of a much larger list of compliance issues related to call recording in contact centers. Many issues can be resolved easily, and at low cost, helping businesses provide superior customer service without compromising their personal details.

Laws and regulations concerning call recording in contact centers

The primary concern with call recording is consent. Under federal law, you only need one party to consent to the recording. Many states also adopt the same law. However, 12 out of the 50 states require consent from both parties for a recording to take place. If you are recording someone else’s call i.e. a call in which you have no involvement, then it is illegal in all states.

When it comes to business calls, a company may record customer conversations with their consent, both before and after the call. However, an implied consent, where the customer is notified before recording is enough to comply with call recording laws. In case a recorded message is not available, businesses can provide a verbal notification through the agent.

For monitoring business and personal calls of employees over a business line, you have the ‘business telephone’ exception which allows the recording and storing of all calls conducted through a company extension.

Failure to comply with these rules, leading to the unlawful interception of calls and recording them can result in a penalty of up to $50,000 or an imprisonment term of up to 5 years.

To avoid criminal prosecution and lose your reputation with customers and stakeholders, follow call recording laws issued by the government and various agencies. In the US, you have to comply with both federal and state laws in order to record calls, for any reason.

References:

https://calltools.com/call-center-recording-laws/

http://www.sheehan.com/publications/good-company-newsletter/Is-Your-Business-Complying-With-Applicable-Call-Recording-Laws-.aspx

http://www.cio.com/article/2980690/compliance/4-call-center-compliance-trapsand-what-to-do-about-them.html

http://callminer.com/5-keys-pci-compliance-call-center/

http://www.callcorder.com/phone-recording-law-america.htm 

Recent Articles
For more interesting insights