The most critical and fastest-growing customer service need is the ability to handle computer security breaches that have led to the exposure of individuals’ personal data that puts them at risk of identity theft.
Lawmakers are now considering and passing legislation requiring companies and other organizations to notify consumers when data breaches have occurred and to set up toll-free hotlines. California already has this requirement; other states are working on similar laws, as is Congress.
The challenge for contact centers is how to best set up and manage outbound and inbound customer notification of security breaches.
Managing the breaches
Security breaches often happen with little notice. Corporations and institutions need to inform consumers and users quickly, as soon as the breaches have been detected, on the steps to take to limit and repair the damage.
Unfortunately, many companies do not have plans of action in place when breaches happen. Typically their customer service departments bear the brunt. There are often not enough people or lines to handle the influx of calls or to make the outgoing calls in a timely manner. Agents may not be trained or scripts ready for these events.
Consequently, callers are put hold for long periods of time, which exacerbates their stress from having to repair the damage to their personal lives caused by the breaches. Calls that must be made to victims get pushed to one side. Customers may not get sufficient information; they may feel they are being rushed off the lines.
While you may know how people have been affected, you can’t be sure of how many of them will call and when. We have had immediate and massive call influxes for one data exposure incident, and trickles for another, for the same type of organization.
The best solution is to create a plan for managing security breach response that is separate from customer care, help desk, and sales. There is greater urgency and higher stress, and the volume is less predictable compared with other call types.
Take a close look at whether to manage security breaches with your own contact centers or to have them handled by contact center outsourcers.
Internally provided hotlines are, in many cases, the least-expensive solution; your employees also have the greatest stakes in assuring and retaining customers. You can set up these hotlines by prearranging assets, workstations, lines, computers, phones, and people for these emergencies. Most organizations have unused space, desks, and communications channels, as well as staff who can be asked to work longer hours.
The major benefit of turning to outsourcers is that they have workstations, lines, and people that they can quickly deploy and whose supply they can easily adjust to meet call volumes. These firms always have some slack in their capacity to support new and expanded accounts. If they have more work than they can handle they usually contact other companies to help them, in exchange for a share of the revenue.
Whether you manage your security breaches with inhouse contact centers or rely on outsourcers, you need your training and scripting set up ahead of time. Put together with your legal department scripting and training based on existing or planned legislation that gives the right information, such as how or where to find help on repairing damage such as to credit, drivers’ licenses, and other vital documentation.
Make sure you include in your scripting apologies to customers for the inconvenience that has been incurred, even if your organization is not directly at fault; the public expects companies to take responsibility for their actions.
Preventing security breaches
An ounce of prevention is worth at least a pound of cure. So take steps to limit possible security breaches, and the size and cost of breach response, by securing your networks.
Some of the most serious threats to data security are linked to your own employees. Their acts may be innocent, such as accessing personal Web accounts that open the doors to spyware or viruses via their workstations. Other actions could be deliberate, such as by installing sniffer software to ferret out information and transmit it offsite.
You can prevent accidental breaches and exposure by implementing policies and training staff on proper data usage and handling. When employees are informed of what can happen to your customers, your company, and their careers by exposing the network and customers’ personal data, most of them will be more careful.
By planning for security breaches, both with inbound and outbound response and with preventative measures such as network security, your contact center (and your organization) will be ready and able to respond to the next threat to your customers’ personal information.
Gary A. Pudles is president/CEO of the AnswerNet Network (www.answernet.com), a leading contact center solutions provider.