GDPR: Putting control of personal data back into consumers’ hands.
Vidicode UK has unique technology in our Apresa (SIP & IP), BRI & PRI recording solutions, which enable calls to be recorded automatically whilst at the same time providing both the agent and or customer with the ability to be able to control whether recording of the call proceeds or not.
Consent
Opt in consentAffirmative Action Needed
Consent made by the recorded party. There is a more defined list of special categories from the ICO (Information Commissioner’s Office)Contractual
Recording is needed as part of a contractBusiness Process
Recording is necessary for the performance of a contract or to take steps to enter into a contract.Compliance
Industry regulations require recordingLegal Obligation
Recording is necessary for compliance with a legal obligation.Protection
Call recording is used to protect concerned partiesPersonal interest
Recording is necessary to protect the vital interests of a subject or another person.Role Fulfilment
Recording is needed to assist you in your job fulfilmentPublic Interest
Call recording is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.General Interest
Legitimate interests of companies & 3rd partiesSubjects Interest
Necessary for the purposes of legitimate interests pursued by the controller or a third party, except where interests are overridden by the interests & rights of the subject.What is GDPR?
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU.
The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. When the GDPR takes effect, it will replace the DPA (Data Protection Act).
The regulation was adopted on 27 April 2016.
Is your business ready for the enforceable deadline of 25 May 2018? Contact us now to find our how we can help you.
How does GDPR affect call recording for regulated firms, where call recording is required for compliance and other legislative reasons?
In short…It doesn’t. If you record calls for one of the 6 reasons stated above under “lawful reasons to record” then all you need to do is ensure you know which reason is the basis for you to record and note this for ICO, Audits and GDPR compliance references.
How does it affect companies that wish to record their calls?
Consent under the GDPR must be a freely given. It must be specific, informed and an unambiguous indication of the individual’s wishes. There must be a clear affirmative action – consent cannot be inferred from silence, pre-ticked boxes or inactivity.
Consent must also be separate from other terms and conditions, and you will need to provide simple ways for people to withdraw consent.
Remember that you can rely on other lawful bases to record calls….apart from consent.
Organisations must show how they are compliant with at least one of the following:
Consent of the recorded subject. There is a more defined list of special categories from the ICO.
Recording is necessary for the performance of a contract with the subject or to take steps to enter into a contract
- Recording is necessary for compliance with a legal obligation
- Recording is necessary to protect the vital interests of a subject or another person
Recording is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
Where call recording is necessary for the purposes of legitimate interests pursued by the controller or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject
- Multi level access; supervisors, groups and users
- Free seating
- Screen recording
- Store on demand (audio & screen)
- PCI-DSS compliance
- Call commenting
- Statistics for analysis in graph or .csv
- Quick and easy search interface
- User assignable search restrictions
- Fingerprinting MD5, SHA-1
- Encryption
- Automatic backup to NAS
- Automatic system check
- Records SIP/VoIP, ISDN II, E1/T1, TDM, Analogue and radio communication
Optional
- Agent Evaluation Module
- Raid 1 or Raid 5 option
- Redundant power supply