All contact centers should adhere to regulations that advocate data protection and ethical calling practices. Failure to comply with these regulations can damage a call center’s reputation and cause outbound numbers to end up on ‘spam’ lists. Learn some best practices to maintain call compliance in your center below.
TCPA and DNC Compliance
The Telephone Consumer Protection Act (TCPA) is a piece of legislation that lays down rules for call centers using outbound marketing to communicate with customers. Signed into law by President George H.W. Bush in 1991, TCPA remains one of the most significant rulings for contact centers in the United States. Subsequent laws, such as the 2019 TRACED Act, are based on TCPA principles.
Some of the most critical TCPA regulations for call centers are:
- Agents can only call residential customers for marketing purposes between 8 a.m. and 9 p.m. in the recipient’s time zone.
- Call centers can’t use artificial or prerecorded voices to reach residential customers without written consent.
- Contact centers can’t call anyone on the National Do Not Call Registry (see below)
The above call compliance regulations apply to both residential landline and wireless numbers.
The National Do Not Call Registry (DNC) is a nationwide database owned and maintained by the U.S. government. It lists the phone numbers of people who don’t want to be contacted by telemarketers or companies specializing in outbound marketing. (By law, you can’t call someone on the DNC.) According to TCPA rules, call centers must also maintain an internal DNC list of people who don’t want to receive call communications from that company.
Call centers should adhere to TCPA and DNC rules at all times. That’s because customers can initiate lawsuits and class actions against companies that violate these guidelines. Consumers filed more than 3,000 TCPA complaints in federal court in 2019 and 2020. Penalties for TCPA non-compliance can be as high as $1,500 per violation—a cost many call centers can’t afford.
Consent Is Important
Though not included in TCPA and DNC guidelines, call center agents must inform customers if recording a phone call (and vice-versa). An automated message at the beginning of an inbound call to a contact center is enough to satisfy this requirement. Agents should ask a customer’s permission to record a conversation at the start of an outbound call.
It’s also good etiquette to allow customers to opt-out of SMS communications. Including a statement, such as “reply with the word ‘no’ to stop receiving texts,” at the end of an SMS provides customers with a way to unsubscribe from marketing messages.
Finally, allow customers to opt-out of emails from your contact center. The CAN-SPAM Act establishes rules for commercial emails and gives consumers the right to unsubscribe from marketing materials.
As previously mentioned, you can’t call customers on the DNC. Companies that break this law can receive a fine of up to $43,792 per call. Make sure you scrub call lists against this national database before you create a new outbound marketing campaign.
It’s also a good idea to keep an internal opt-out list of customers who don’t want to receive communications from your call center. That prevents agents from calling disinterested leads, allowing them to focus on prospects genuinely interested in your products and services.
Security of Financial Information
Storing customers’ financial information securely is critical for any call center. Encrypt credit card, debit card, and other financial details and use secure payment gateways when processing transactions over the phone. Never write down financial details on paper or store information in a place agents can access.
The Payment Card Industry Data Security Standard (PCI DSS) prohibits call centers from collecting card information and PINs when recording calls. Agents should pause a call recording when asking for and processing financial information of any kind.
Compliance By Industry
Call centers of all types should follow the rules, regulations, and guidelines above. However, there might be separate call compliance requirements depending on your industry or niche. Here are a few examples:
- Call centers specializing in healthcare products and services should adhere to the Health Insurance Portability and Accountability Act (HIPAA), which protects sensitive patient health information.
- Certified public accountants should comply with guidelines from the American Institute of Certified Public Accountants (AICPA) when auditing data.
- Financial institutions should comply with the Gramm-Leach-Bliley Act, which requires companies offering financial products and services to explain their information-sharing practices.
How To Ensure Compliance
Call centers should keep up-to-date with the latest general and industry-specific compliance requirements and share this information with team members. One of the best ways to achieve this goal is through compliance training, where agents learn about call handling, data governance, payment processing, and other topics. Managers should also teach agents to use the latest call management software tools.
Adhering to Compliance Regulations
Contact centers must adhere to the call compliance requirements above or face expensive fines and reputational risks. Managers can only ensure full call center compliance by understanding the latest legislation, rules, and guidelines and sharing this information with team members.