Call centers play a critical role in ensuring the successful management of an organization’s customer and product support. For the health care industry, the call center acts as conduit between the hospital, insurers, health care providers and patients.
But call centers also represent a risk. Call center agents and patient representatives generally rely on standard communication practices they are familiar with to distribute and share personal information. These methods include emailing personal data and client/patient information using Outlook and other applications are not secure once they transmit data outside the corporate firewall.
Customer service representatives have a huge responsibility: Center agents must protect critical information and comply with corporate mandates and federal regulations.
Technology advances bring efficiencies and new business opportunities – but also expose companies to new security threats and data risks. For example, Internet-based communications like voice-over-IP (VoIP), self-service websites, email, and collaboration applications have opened contact centers up to channels that pose security concerns. Additionally, the cost-reducing globalization of contact center resources has moved many operations offshore – to countries where intellectual property and confidentiality laws are not always as rigorous as those where corporate clients reside.
Another vulnerability stems from call centers that are running on converged data networks, so they are subject to the security risks associated with data networks — unauthorized access, hacking, and denial of service attacks.
Traditional data security policies must be expanded to protect all information, including IP telephony traffic. Security measures must diligently focus on:
Integrity: Viruses, trojan horses, and unauthenticated access can alter the configuration integrity of networked resources.
Availability: Any security incident can affect contact center availability. Every second of downtime can be directly measured by lost revenue. Also, costs increase as live agent calls go up due to downed interactive voice response systems (IVR – using a touch-tone telephone to interact with a database), speech or web servers.
Compliance: Strict government regulatory requirements for privacy protection and security measures play increasingly strict roles.
Agents must have “easy to use” and reliable means to send and receive confidential and secure email messages inside the firewall, as well as outside. This is especially true for call centers that must exchange information between the organization, insurers, health care providers and eventually to the customer.