Call recording GDPR compliance


or keep scrolling








































YOUR CALL RECORDING PARTNER FOR GDPR COMPLIANCE

CAPTURE CONSENT

IDENTIFY RECORDS ASSOCIATED WITH SPECIFIC INDIVIDUALS

DELETE OR PORT RECORD WHEN REQUIRED

PROTECT YOUR DATA

Controlling and processing and maintaining records of recorded communications data will is a key consideration for the GDPR, which came into effect on 25th May 2018. Red Box gives you a set of tools to build into your data management processes, in full support of your compliance obligations.

CAPTURING CONSENT

GDPR aims to strengthen the rights of individuals and increases transparency around how their personal REC information is captured, stored and processed. Consent for recording individuals must be easy to give, simple to withdraw and must be explicit for sensitive data. Not only will organisations need to be a lot clearer on how they will be using or ‘processing’ recorded calls and data, but they will also need to ask for and keep a record of the fact that
consent was given.

The Red Box annotation feature enables a record to be tagged with the consent captured, which can then be tracked, audited and reported on. This can be done manually by the call handler through the Red Box Workstation Client, or automated via an integration with our API.

What if consent is not given?

Where an individual does not give consent for the conversation to be recorded, Red Box o ers the capability to suppress the audio or screen capture. This same technology is already used by many of our clients for PCI compliance purposes.

IDENTIFYING AN INDIVIDUAL’S RECORDS

The GDPR widens the existing ‘right to be forgotten’ under the Data Protection Act and individuals will be able to withdraw consent and request for their personal data to
be deleted or ported elsewhere*. As such, the ability to link communication data captured from di erent sources to an individual is crucial so that an organisation can easily build a complete picture of the personal data held on file.

Red Box supports this with tools to help:

Capture what you need

Audio can be captured Audio is captured from an extensive range of UC, telephony, radio and mobile systems with a set of tools to ensure that you only capture what you need, by allowing payment card information (PCI) suppression or only recording on demand.

Tag & uniquely identify records

A wide range of rich metadata is automatically added to records at the point of capture. This can be enhanced through the addition of customisable fields and manual annotations.

Search & replay calls & conversations

Find records easily within the Red Box Quantify Suite.

Utilise the latest speech recognition technology

Highly accurate transcriptions of all audio conversations is available for 29 languages and growing.

Deleting/porting of records

Record deletion capability is available and can be built into your data management processes.
We also enable the export of records.

KEEPING YOUR DATA SAFE

Taking steps to prevent a data breach is not a new requirement of businesses but the fines associated with one will be significantly higher when the GDPR comes into force. Red Box supports an organisation’s data protection policies in several ways:

Record Management

As well as the ability to set user profiles, logins can be managed through Active Directory Authentication.

Compliance Assurance

Our solutions can be deployed within an organisation’s infrastructure so that records are subject to the company’s full data access policies.

Security

Frame based recording keeps data secure with encryption options available.

CONCLUSION

Organisations need to meet GDPR compliance obligations through embracing privacy by design. Technology will play a big part in this, alongside people and process, so selecting the right suppliers is crucial.

Red Box Recorders has been supporting customers with the secure capture of communications for 28 years. In recent years, a range of regulatory requirements have been a priority for our customers and we will continue to develop tools to make call recording compliance as easy as possible.

* The right to be forgotten must only be complied with if retention is no longer required (so if retention timeframes are stipulated for other regulations, such as MiFID II, this would still apply) or if the data is unlawfully collected in the first place. If permission was granted for the information to be collected this permission can be revoked at any time.

We'd love to hear from you and discuss how we can help you move forward todayContact Us