General Data Protection Regulation and Call Recording

25-05-2017-1495716515.jpg

The General Data Protection Regulation (GDPR) legislation comes into effect across Europe on May 25th 2018. GDPR will affect all businesses that process data, both small and large. Under current law call recording is classified as form of data processing, therefore the new legislation will have a massive impact on call recording. The goal of the GDPR are set to strengthen and protect the rights of individuals when it comes to businesses collection, recording and using their personal data. Also the Data Protection Act sets outs rules for the correct handling and protection of data, which requires any calls recorded to be stored securely. Therefore all recordings should be stored securely, preferably in encrypted format.

What’s new under the law?

With regards to call recording, the key changes under the new GDPR are the requirements to protect privacy of the individuals and protect stored data from misuse and unauthorized access. Organizations also have to ensure that they notified and get consent of all parties involved in a call.

How to comply?

  1. Ensure you have permissions to use data in all future collection and processing

  2. Implement and regularly review strong security policies inside organization at all levels, including:

    a) Protection of physical access to data storage facilities, e.g. datacenters

    b) Protection of network security

    c) Access to call recording system should be strongly protected by passwords and be granted to authorized personnel only

    d) Storage call recording files in encrypted format

  3. Do not store data for more than required period of time (e.g. if for compliance purposes it is required to store recordings for 5 years, the businesses should not store the recording for longer than that period of time)

  4. Implement selective call recording to record only required calls

  5. Implement call recording system with advanced tracking mechanism such as audit log and file watermarking in order for businesses to be able to prove that call recording data was not accessed by unauthorized personnel and call recordings files were not altered in any way.

How MiaRec Call Recording System can help you?

MiaRec software delivers advanced compliance functionality to help businesses stay meet new legal requirements. Providing rock-solid encryption, role-based access control and smart selective call recording, MiaRec ensures all communications are strongly protected and businesses stay compliant. Unique call recording announcement functionality allows businesses to automatically notify the caller that the call may be recorded. Different retention periods can be configured for different types of calls to ensure organizations do not overuse call recording data.

Benefits of MiaRec Call Recording system:

Secure Call Recording and Encryption – MiaRec records and securely stores interactions in encrypted format.

Unique Call Recording Announcement functionality - MiaRec solutions offer a built-in recording notification to help you stay compliant with legal requirements and avoid litigation (available for both inbound and outbound call scenarios). MiaRec plays a recording announcement at the beginning of conversation to notify the customers, that the call may be recorded.

Smart Selective Call Recording - Organizations can choose which lines to record.

Flexible Retention Policy -Administrator can easily configure retention period for call recordings. Different retention periods can be selected for different types of calls to keep storage costs down.

Fine-grained Privileged Access - Access to data is password-protected and provided to authorized users only. Role-based access control allows to define user’s rights, such as playback, live monitoring, administration, resources access etc.

More security features for GDPR compliant call recording:

Audit Log - MiaRec’s activity tracking system enables full audit logs of all actions performed within the system, such as access to call recording, deletions of files, change of configuration etc.

File Watermarking - MiaRec offers a powerful application to validate the authenticity of any recording file, ensuring that call recordings remain intact and unaltered.

To find out how MiaRec can help your firm be compliant with GDPR please contact a MiaRec representative.

Note: MiaRec do not offer legal advice, please consult your legal counsel for guidance on the compliance activities that are appropriate for your organization.