Privacy & Your Contact Center: Keeping Track State by State
This isn’t an easy task, but it is essential for most contact centers today.
March 19, 2020
We have CCPA in California, and GDPR in Europe. If you’re in the contact center business, you need to keep up with the growing number of passed and pending privacy bills in various geographic areas. They vary on coverage, requirements, and penalties. This is a fluid environment, and can change at any time.
I scanned multiple websites to locate and summarize the status of the privacy laws. I’m not a lawyer; my comments are meant to stimulate your investigations into the changing state privacy laws. Some of these laws may end up conflicting with federal legislation, but as that doesn’t appear to be forthcoming any time soon, concerns about that can wait.
The State of the States
Based on a privacy law comparison table compiled by the International Association of Privacy Professionals, three states have passed privacy regulations at the time of this writing: California, Nevada, and Maine. Meantime, about 300 other state privacy and security regulations are under consideration.
Here’s a sampling of state privacy law initiatives.
Vermont — Title 9 Commerce and Trade Chapter 62 statute. This statute has four subchapters:
Security Breach Notifications Act
Social Security Number Protection Act
Document Safe Destruction Act
Data Brokers – This would require data brokers that collect and license consumer personal information to register annually with the Secretary of State. Data brokers would need to provide consumers with specified information, including their names, emails, and Internet addresses.
Delaware — Online Privacy and Protection Act. This act would prohibit website operators, online and cloud computing service providers, and developers with applications directed at children from marketing or advertising specified products or services inappropriate for children’s viewing.
The act has three parts:
Prohibitions on online marketing or advertising to a child
Posting of privacy policy by operators of commercial online sites and services
Privacy of information regarding book service users
Connecticut — Chapter 743dd Protection of Social Security Numbers and Personal Information. This law stipulates that if an organization collects Social Security Numbers (SSNs), it would need to create a privacy protection policy for public display on its website. The policy would need to protect the confidentiality of SSNs, prevent unlawful disclosure, and limit access.
Oregon — Chapter 646 Trade Practices and Antitrust Regulation 2019 Edition. According to the National Conference of State Legislatures, this regulation makes it an “unlawful trade practice if a person publishes on a website related to the person’s business, or in a consumer agreement related to a consumer transaction, a statement or representation of fact in which the person asserts that the person, in a particular manner or for particular purposes, will use, disclose, collect, maintain, delete or dispose of information that the person requests, requires or receives from a consumer and the person uses, discloses, collects, maintains, deletes or disposes of the information in a manner that is materially inconsistent with the person’s statement or representation.”
Nebraska — Statute 87-302 (deceptive trade practices; enumerated). This statute would prohibit making false or misleading statements regarding the use of personal information submitted by members of the public in a privacy policy, wherever it might be published or distributed.
New Jersey — Privacy Bill S2834. This bill would require operators of websites or online services to notify customers of the collection and disclosure of their personally identifiable information. The bill would apply to any individual within the state, regardless of residency.
What You Should Do!
Keeping up with proposed and passed privacy regulations won’t be easy. As the examples above show, not all privacy regulations are apparent from their titles. You should bring together a team from the contact center, IT, legal, marketing, and sales departments to monitor and respond to the regulations. You don’t want to be blindsided by a missed regulation.
In addition, reach out to your contact center provider and request information about how it plans to deal with the regulations. Also have the corporate legal team investigate the liabilities that the software vendor or cloud service will and will not accept. You need to understand the possibility that your organization will not comply properly with privacy regulations.
Don’t overlook the training your contact center agents will need to deal with the variety of regulations. They’re the first responders. As each regulation is passed, your staff might require new training.