Please click here to download the release in full for distribution.
The latest UK Contact Centre Forum (UKCCF) Market Study, which is sponsored by PCI Pal, shows how seriously organisations are taking their regulatory obligations. EMEA Sales Director Tony Smith explains:
PCI DSS is concerned with cardholder data, which is considered personal data in regard to the GDPR. This means that the use, processing and storage of card data will fall under the GDPR and, consequently in the case of a breach, will also mean that the sanctions and weight of fines will also fall under it.
With the GDPR now in effect, it’s very positive to see how seriously UK organisations are taking their security compliance obligations. Yet, with 94% of respondents suggesting they check their access control procedures every year, we want to remind UK contact centre managers of the importance of reviewing PCI DSS compliance on an ongoing basis; the latest PCI DSS standards require that evidence is provided that documents continuous compliance throughout the year for device inventories, configuration standards and security controls, rather than simply passing a test as part of an annual assessment.