How Compliance Center Prevents Data Breaches

Every day we hear of data breaches exposing customers’ personal information, both on a small and large scale. Most recently, Equifax disclosed that it had been the victim of such a breach, with implications for nearly 150 million Americans.

The damages to the brand are considerable: two potential class actions suits already filed against them, and severe financial implications with the company’s shares dropping down by nearly 14%¹

Many aspects of the Equifax story are frustrating, but perhaps the most eye-catching one, is the fact that this data breach could have been avoided. For months, hackers have been able to penetrate the system and steal a great deal of sensitive information.

How could data breaches have been prevented?

For organizations that process and store sensitive or personal information such as social security numbers, customer’s names, IP addresses, and more; data security and privacy is the cornerstone of how they manage their systems, and plays a big role in building trust and a positive customer experience.

It is up to these organizations to ensure that they have the adequate solutions and processes in place to protect the data and identify security weaknesses. Whether it is from end to end encryption, periodical hardening kits or even external auditor’s assessments for specific regulations (such as PCI DSS and HIPAA).

As data breaches and compliance are becoming an issue worldwide, NICE has released a dedicated Compliance Center to address these pain points, and enable proactive identification of vulnerabilities and risks. The solution enables both proactive and corrective actions for IT, compliance officers and even contact center agentssupervisors who can take the necessary steps to mitigate the risk.

The solution scans and monitors the audit trail and informs the relevant personal about potential breaches based on abnormal behavior (e.g. massive download or deletion of information) - same as should have been detected for Equifax. The compliance center alerts agents in real time if they are deviating from their pre-defined conversation script or if they need to repeat elements that were not heard or captured properly, to provide evidence. It provides dashboards measuring the levels of adherence to dedicated regulations or compliance principles (such as forced deletions), to enable prompt corrections whenever needed – I.e.: deleting, extracting or locking interactions. With a one stop shop for all compliance activities, it is meant to address the challenges that enterprise-grade compliance practices so desperately need.

Even though the recent Equifax incident will probably not trigger a revision of the US regulatory framework, it does highlight the importance of the initiatives of various countries globally that legislate for the protection of personal data. Whether it is the GDPR in Europe or the cybersecurity protection in China, privacy protection is a trend that will continue to grow as consumers’ trust in organizations becomes a major differentiator in the customer experience.²

Organizations today are becoming more proactive in designing compliance processes and systems, and companies like NICE are alongside them at the forefront of the industry, developing innovative solutions to accompany them in their journey.

________________________

¹ https://www.nytimes.com/2017/09/08/business/equifax.html
² 2017 Global Customer Experience Benchmarking Report released by Dimension Data