How Proposed US GDPR Style Legislation Will Affect Call Centers

Will the U.S. implement its own version of GDPR?  Read this article to find out how you can prepare for this possibility. 

What is GDPR?

GDPR is an EU legislation that stands for General Data Protection Regulation.  It was implemented on May 25, 2019, and is intended to protect data belonging to European citizens.

Based on GDPR standards, every company that gathers data from those citizens must be transparent when collecting, storing and using that data.  European citizens must also give their consent before companies are allowed to collect their data.

Those who don’t follow the standards set by GDPR are penalized with hefty fines.  If you don’t want to find yourself in that situation you should seek professional legal counsel to ensure your operations are GDPR compliant. 

How Does GDPR Affect Call Centers?

Whether you are based in the U.S. or EU, GDPR legislation affects your company if your call center gathers and stores data from EU citizens. 

In order to maintain compliance with GDPR, your call center needs to follow the guidelines below.


  • Get Consent – Before recording any calls with EU residents you must obtain their consent.
  • Record Consent – You must also have a way to record and store consumer consent.
  • Managing Data – Your data storage and deletion policies must be GDPR compliant. 
  • Third Parties – Investigate the policies of the providers you work with to ensure they are GDPR compliant. 
  • Keep Consumers Informed – Make sure EU citizens know how you are using their data and how they can request to have it deleted. 
  • Grant Access – Your customers must be able to digitally access their data.  When customers request this access you have up to one month to provide it.
  • Reports on Data Breaches – GDPR requires companies to alert customers to a data breach within 72 hours.  Reports are only required when the breach affects consumer data. 
  • Data Deletion – If EU residents ask you to delete their data you must get rid of their information from your system.


Is GDPR Style Legislation Coming to the United States?

There are already data protection regulations being implemented in the U.S. at the state level.  The California Consumer Protection Act (CCPA), which will start to be enforced on January 1, 2020, is just one example.  Other states have their own data laws that are either currently in place or are in the works.

Some have argued that these laws should be implemented at the federal level, making it much easier for multistate companies to remain compliant and avoid being penalized.

However, there are some difficulties in achieving this.  Some states have higher data protection standards that may not be reached by suggested federal laws.  On the other hand, other states that have more relaxed guidelines might view the stricter laws as too rigid.

In addition, the multiple federal data protection bills that are vying for position are in competition with each other, which may further delay the implementation of countrywide data protection regulations. 

But this doesn’t mean companies have an excuse to carry on as normal and assume it will never happen.  On the contrary, it would be wise to use this time to prepare for future federal data privacy laws.

The first step is to attain GDPR compliance because these regulations will point you in the right direction for compliance with any future federal laws and current state laws.

Tools That Will Help Make Your Call Center GDPR Compliant

Rather than getting bogged down by the nitty-gritty details of GDPR, try to automate compliance as much as possible. The tools described below will help. 

CRM Integrations

CRM software keeps customer data organized, which allows you to gain a better understanding of your customers.  This increased understanding will ultimately result in more conversions.

CRM integration uses automation to feed consumer data into the software, eliminating the need to manually enter information.  But the benefits don’t stop there.

CRM integrations can actually help make your call center GDPR compliant because the software can be set in accordance with GDPR policies. 

CRM integration also makes it easy to delete customer data.  Since all of their information should be kept in one place, all you need to do is remove their records from the software. 

Speech Analyzer

A speech analyzer software allows you to review conversations in your call center.  By mining data for compliant and noncompliant language, you can find out how your agents are doing with following GDPR requirements. 

If your speech analyzer software reveals that some agents are falling short you can focus on training them to better understand and implement GDPR practices.

AI Dialer

Outbound calls can remain GDPR compliant if you set your AI dialer to only make calls that don’t violate GDPR requirements. This will help your call center avoid costly mistakes.

Conforming your call center operations to GDPR standards will keep your company safe when dealing with data from EU citizens.  It will also get you ready for U.S. GDPR style legislation that could be implemented in the near future.