Keeping Personal Data Private

by Maria Simonton

[frame align=”right” width=”310″ height=”387″ src=”https://www.interactivenw.com/wp-content/uploads/2015/02/iStock_000007765546XSmall_credit-card-security-lock.jpg”]In an age that is rife with fraud and data breaches, consumers have become increasingly sensitive about sharing personal information with others. And with good reason—according to the Bureau of Justice Statistics, 14 percent of Americans over age 16 have experienced some form of identity theft. In fact, compromised personal data was the most common consumer complaint in 2014. Given the legal and financial ramifications of such exposures, enterprise organizations must take enhanced measures to ensure customer information is kept secure. And while network and database security tend to take top priority, companies often overlook the weakest link in the chain: the human factor.

The human factor

Allowing employees to collect or access sensitive data—such as a credit card or Social Security number—is dangerous; it places an organization, its callers, and even the employees themselves at considerable risk. Spoken or decrypted data may be captured by malware, an agent may forget to log out or walk away from their station while sensitive data is on screen, a hacker may fish for information pretending to be a user or customer. These scenarios are all too common and nearly impossible to manage adequately. The human factor introduces a significant level of vulnerability and we are seeing the results all around us, as trusted organizations scramble to protect their reputations after an embarrassing security breach.

Leave control of personal data in the user’s hands

To minimize the risks associated with the human factor, many organizations choose self-service automation to manage the collection and access of personal information. Sensitive data remains encrypted as it is utilized, minimizing the risk of unnecessary exposure. One of the hidden benefits of self-service applications is that they put control of personal data back into the hands of the user. By eliminating the need to reveal sensitive information to a live person, automated systems have the potential to gain newfound respect from consumers. Here are a few key ways to capitalize on the privacy benefits inherent to self-service solutions such as IVR.

Inform the caller

Establish trust by letting customers know that you care about their privacy and take it seriously. Include a short message early in the self-service process informing callers what type of data they’ll be asked for and why. Users are more likely to engage with a self-service application when they understand how it will benefit them.

Gather sensitive data

Even if live agents will ultimately handle a customer service inquiry, IVR can be used to collect and manage personal information before the call arrives at the contact center. Customers feel more secure providing sensitive data to a computer than to someone they don’t know.

Protect the user

Follow through on the commitment to customer privacy by limiting the amount of data displayed on the agent desktop. Sensitive fields such as SSN should be partially masked such that only the last 4 digits are shown, and agents should not ask callers to disclose information that has already been collected in the self-service interface.

Protecting employee privacy

Protecting caller privacy doesn’t stop at the external customer, however—guarding the data of internal employees is just as business-critical. For example, INI IDReset™, an internal password-reset solution for enterprise-level organizations with Active Directory, provides a simple and efficient way to reset network passwords without the intervention of IT staff. The INI IDReset web enrollment interface allows users to define their own challenge questions, ensuring a customized and secure experience. When resetting a password, a natural voice interface lets callers speak their responses while the IVR authenticates their identity and issues a temporary password. By removing the human factor from the equation, INI IDReset helps keep personal data private and reduces the risk of fraud within the organization.

Whether your organization is concerned with protection of customer data or internal user privacy during support interactions, self-service automation provides secure solutions that reduce risk while reassuring users that you take their privacy seriously. Schedule a consultation with an INI representative to learn more about how automating the collection and access of personal user information can contribute to your data security initiatives.