CallMiner, the leading platform provider of award-winning speech and customer engagement analytics reaffirmed its multi-layered security procedures in response to the recent serious breach that occurred in the industry. The personal information of millions of customer records of a major telecom provider were recently exposed due to security lapses involving the actions of staff members of the provider’s technology supplier.
The exposed information included phone numbers, PIN data, names, analytical data, and call audio which may have other sensitive customer information.
“In light of the serious data breach affecting our specific industry, we thought it was prudent to discuss the robustness of our security protocols and how seriously we take data security,” says CallMiner CEO, Terry Leahy. “The recent breach did not result in someone taking advantage of the data, but it’s still a breach, and should raise questions about how technology suppliers in our space are handling security. We understand the concerns from customers about the security of cloud applications. The key is to know how to properly manage cloud-based data, through the right training and technology such as data redaction that removes sensitive information from transcripts.”
CallMiner follows strict data storage and processing standards that it deems essential as a cloud-based provider. The company is the industry leader in using data redaction to suppress or remove sensitive data such as credit card information or PCI data from the speech analytics-derived data it pulls from every agent-customer interaction including call recordings.
The CallMiner Eureka Redaction functionality is especially powerful because it prevents sensitive data exposure even in cases of human error or illegal access of stored data. If a customer or agent states a sensitive word (such as a credit card number) during a conversation, the Eureka platform marks that occurrence and replaces the text with a generic term within the outputted call transcript and mutes that portion of the call recording. A breach like the one which occurred last week is physically impossible with CallMiner’s redaction capability employed.
“Our commitment to protecting our customers’ data means we take the extra steps on both the people side and with our technology,” says CallMiner COO, Adam Walton. “We frequently check our security controls and processes against compliance standards such as SOC 2 and FISMA because we understand data protection is a company-wide endeavor. It involves administrative, physical, and tech-based fail safes. And we utilize accurate data redaction technology to separate personal information for maintaining our compliance with PCI DSS and other regulations and to protect the data from human error and breaches. Redaction offers multiple other benefits, including the monitoring of 100% of protected-class discussions, improving the system’s ability to identify complex language patterns, and forensically discover abuse and fraud risks.”
In the spring of 2017, CallMiner announced it received compliance verifications for SOC 2 Type II Attestation Report, FISMA Compliance Audit, HIPAA Security Rule Compliance, ISO 27001 Compliance, and PCI Report on Compliance (RoC), performed by KirkpatrickPrice, a licensed CPA and PCI QSA firm.