CallCabinet’s Atmos is the recording platform that makes global compliance immediately available to your organization, no matter your size or industry. To specifically address compliance needs, Atmos provides audio recording, text transcription, AI-driven data redaction, and 256-bit AES encryption for your audit trail.
Why You Need Compliance Recording
Contact centers, remote agents, medical practices, government agencies, and enterprises of all sizes are legally required to comply with a growing list of regulations.
These compliance laws (like PCI-DSS, HIPAA, MiFID II, and GDPR) specifically target voice communications between you and the people you serve. Call recording provides many benefits to the growth of your business and customer service, but most of all…
…it’s the best practice to ensure legal compliance within your workforce.
Common Compliance Laws
HIPAA (the Health Insurance Portability and Accountability Act) was designed to protect personal patient information.
This law contains extensive penalties for organizations that violate HIPAA practices. Among other practices, HIPAA requires that all patient/customer interactions are not only recorded but that private patient data be redacted from every record of the interaction. This affects the audio recordings as well as the text transcriptions of your customer interactions. Redacting your recordings is a monumental, time-consuming task. Atmos saves you time and money while keeping your enterprise compliant with its automatic AI-driven audio and text redaction.
HIPAA mandates that recorded interactions are protected from exposure to unauthorized users. Atmos secures your recordings with a 256-bit AES encryption unique to each recording.
The Payment Card Industry Data Security Standard (PCI DSS) affects every organization that takes credit cards in person, online, and over the phone.
The standard was enacted to reduce credit card fraud and ensure cardholder privacy. This compliance regulation directly impacts not only your recordings and transcripts but your storage methods of those assets. As with HIPAA, Atmos’ secure 256-bit secure storage and redaction capabilities keep your business compliant and protects your customer data. Data breach costs can average from 3 to 8 million dollars and are increasingly common. Atmos not only compliantly records, redacts, and secures your data; it protects your bottom line.
GDPR (General Data Protection Regulations) is an EU-wide regulation that has replaced all data protection laws in member states.
GDPR strengthens individual rights regarding the collection, recording, and use of their personal data by an organization. When a business wishes to record a call, it must actively justify legality by demonstrating certain conditions:
- Recording is necessary for the contract fulfillment
- Recording is required to fulfill a legal requirement
- Recording is needed to protect one or more participants
- Recording is in the public interest or needed for the exercise of official authority
- Recording is a legitimate benefit to the recorder unless the interests of the call participants override that benefit
Atmos can place recording stop/start control in the hands of your agent when customer permission is not obtained for a phone call. Searching to ensure that your agents make compliance requests is fast and easy with Atmos’ keyword and key phrase search.
Regarding call recording, MiFID II (Markets in Financial Instruments) dictates the recording and storage duration of calls made in EU financial markets.
Atmos gives you control over your storage duration and provides a way for you to securely send call recordings when necessary for an audit of practices.
Similar to MiFID II, Dodd-Frank requires all financial trade communications to be recorded across all communication methods – including telephone conversations.
All recordings must be time-stamped in a uniform system and organized to allow search and identification of data.
As with MiFID II , all recordings must be securely stored for up to 5 years. Atmos is an especially powerful platform for financial institutions with its secure storage and keyword/keyphrase searchability.
The Financial Advisory and Intermediary Services Act protects consumers of financial products and services.
It impacts the advice-giving activities of financial service providers by stipulating that consumers must be provided with adequate information about the product or service or institution they use. Atmos provides multiple data sources for an audit trail and allows supervisors to monitor their agents’ practices to ensure they are communicating properly to customers.
Under POPI (Protection of Personal Information), individuals have the right to obtain a copy of the recordings containing their personal information from a call center.
When a company is not legally entitled to that information, an individual may rightfully demand its deletion. With Atmos, organizations can easily search for and retrieve recordings by phone number, PBX metadata (when available) agent, time period, and word search.
FICA (South Africa’s Financial Intelligence Centre Act) provides a regulatory framework for anti-money laundering & counter financing of terrorism (AML/CFT).
FICA-compliance enterprises must adopt a risk-based AML/CFT strategy based on each client’s unique risk profiles. Companies must incorporate appropriate due diligence processes to verify client identity and screen against various risk factors (sanctions, adverse media, and politically exposed individuals).
Call recording becomes a must under FICA to allow compliance officers to ensure agents are following best practices. With Atmos’ capacity for keyword and key phrase search, compliance statements, and other verbal qualifiers can be easily identified within a call. Applications can be built within Atmos by the user that easily allows for industry-specific phrase recognition.
CCPA, the California Consumer Privacy Act, is a consumer-centered regulation. It’s not interchangeable with GDPR and is not insular to California.
The real compliance issue for any business here is how likely they are to collect personal data from a California resident, and it’s almost impossible not to.
Among other rights, CCPA gives Californians (and anyone dealing with a California business):
- The right to know what personal data has been collected by a business
- If and to whom their personal data has been sold or revealed
- The right to demand a business discontinue sharing their personal data
- The right to access personal data collected by a business
- The right to goods and services at the same rate as other consumers even if they’ve asked for their data to be removed
Atmos supports users on multiple fronts that CCPA enforces compliance on including:
- Agent training (especially in regards to obtaining customer permissions)
- PCI redaction
- Call Transcription