Five9 Providing Services to Customers Which Enable GDPR Compliance
The General Data Protection Regulation, better known as GDPR, is a regulation the European Union (EU) that will take effect on May 25, 2018. This is a new law on data protection and privacy for EU citizens. There are also many other privacy and data protection regulations including state, federal and international laws which already exist.
The aim of the GDPR is to reinforce data protection rights of individuals and facilitate the free flow of personal data in the digital single market. This applies to EU companies and to all companies around the world that collect personal data of EU individuals.
What happens if companies do not comply? Penalties for noncompliance are up to $23 million (€20m) or 4% of worldwide annual turnover (whichever amount is greater). There is also a tiered approach to fines. According to the GDPR website, “A company can be fined 2% for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach or not conducting impact assessment.”
Five9’s technology platform processes the data of EU residents so Five9 is preparing to support the GDPR regulatory compliance requirements. Five9 is also requesting our customers, otherwise known as the data controllers, notify us of their EU processing activities so we can maintain an accurate report of processing activity as required by the GDPR.
Five9 is evolving and improving our Virtual Call Center service to offer feature required for our customers to comply with the GDPR regulation. Areas we have improved include: information security, breach management, content management, data visibility, individual data rights management, and records management.
Five9 is focused on providing services to our customers, which enable GDPR compliance.
For more information about the GDPR, refer to the EUGDPR website and its glossary.