Customer call centers are the bedrock of large businesses’ customer service. Many businesses set up call centers to take incoming calls from customers who need help or have questions about their products or services. While some businesses only use their call center to receive calls, others also use it to make outbound calls for the purpose of soliciting new clients.
Call Center Laws
It is important to know that there are specific federal laws that affect the operation of call centers. These include the Telephone, the Health Insurance Portability and Accountability Act, the Consumer Protection Act, and the U.S. Department of Labor Hourly Worker Requirements.
While some of these may seem surprising, it is important to know that many call center managers are not aware they can be in violation of call center regulations.
Telephone Consumer Protection Act
Call centers that are making outbound calls to solicit sales must follow the regulations mandated by the TCPA. This body regulates the times that telemarketers may call and their persons they may call.
- Call centers must not call residential numbers before 8 a.m. or after 9 p.m.
- During each call, the customer service agent must tell the recipient which company he or she represents and must also give his or her name and phone number.
- Call centers must abide by the regulations of the Do Not Call Registry.
- Auto-dialed and automated or pre-recorded calls may not be made for telemarketing purposes without the recipient’s written consent.
The TCPA permits individuals to file lawsuits and claim damages if a call center violates the regulations.
Health Insurance Portability and Accountability Act
All the main U.S. health insurance companies utilize customer service call centers. Their purpose is to handle inquiries from current or prospective insurance policy subscribers as well as dealing with provider inquiries, verifications of eligibility, and claim authorizations. All call center workers dealing with patient information must at all times adhere to the regulations of the Health Insurance Portability and Accountability Act. HIPAA was passed in 1996 and mandates the privacy of each individual’s health information. The act is designed to protect patients and their medical information. Call center staff are not allowed to discuss the details of private patient information with anyone other than the patient or a person whom the patient has authorized. Any call center that violates HIPAA regulations is subject to legal action and penalties on behalf of the U.S. Department of Health & Human Services.
Each individual client to whom a call center provides service is classed as a separate contract. Call centers must, at all times, follow federal mandates for these clients, as well as following the client’s specific requirements. For example, a contract may specify that calls are to be answered live instead of being routed through an automated system. Another contract may request that calls are answered within a specific time frame. If a call center is unionized, it is also required to meet union regulations as well. All specific contractual obligations must be followed at all times.
U.S. Department of Labor Hourly Worker Requirements
Usually, call center employees are paid at an hourly rate. For call centers in the United States, the U.S. Department of Labor administers the Fair Labor Standards Act, which states how workers who are paid hourly must be treated. The employer is required to pay at least the national minimum wage unless the state minimum wage is higher. Furthermore, hourly employees who work more than 40 hours per week must be paid an overtime rate, the amount of which should be of one and a half times their normal hourly wage.
It is up to the call center manager to ensure that there are enough people in the call center to handle the expected call volume at any given time. Call center managers often use virtual software to predict how many call center agents will be needed to handle the projected volume in half-hour increments. This helps ensure that workers get their required break times.
Regulations Regarding Recording Customer Calls
If you record customer calls and you are taking information about the customer’s credit cards, then you need to know that this is against PCI-DSS standards, which prohibits the storage of the CVV2 number (the three- or four-digit number listed on the back of the card). This number may not be stored at any time or in any form even at a high level of encryption. If your company is recording calls and you are not stopping call recording when the customer gives out the CVV2 number, then you are violating PCI-DSS regulations. The simple solution to this problem is to pause the voice recording when the customer is inputting their credit card details so that the call center agent can enter it manually and it will not be stored in the recording.
Regulations Regarding Outbound Calls
Many companies have a recorded announcement stating that incoming calls may be recorded for the improvement of customer services.
However, few organizations provide this information when making outgoing calls to customers. And even fewer take into consideration that they are recording their employee’s conversations as well as those of their customers. At this point, it should be noted that if you are going to record a telephone conversation, all parties must be notified before you commence recording. To avoid legal action, your call center must advise all parties that they will be recorded, and give them the opportunity to opt out if they so desire. It must also be clear that in order to opt out they should hang up. In order to avoid any legal complications with this issue, the easiest option is to ask your employees and contractors to sign a notice of consent form agreeing that their calls may be monitored and recorded.
You also need to ensure that your call center network system is secure enough to be compliant with PCI guidelines. This means not only having an effective firewall and router but also implementing internal processes that will provide additional layers of protection. You should impose restrictions on all traffic from networks which are considered to be unsafe and never permit direct access between network components containing customer data and the internet.
To make sure your call center agents are aware of security protocols and call center regulations, you should add these issues to the employee training program, and make sure to update your team regularly so that they do not forget to keep all calls 100 percent compliant.