Skip to main content

The GDPR Deadline Day Has Arrived, Now What?

Image
Placeholder image
Melinda Bas Senior Director Compliance and Technology Risk Management

Melinda Bas is responsible for Five9’s Compliance and Technology Risk Management Programs. Melinda leads Five9 audits and programs including the Virtual Call Center (VCC) annual SOC2 Type2 audit, the PCI DSS audit and the Privacy program currently focused on the European Union’s General Data Protection Regulation (GDPR). Prior to working for Five9, Melinda worked for multiple Industry Leaders in Technology including Oracle, Salesforce and Sun Microsystems. Melinda holds multiple industry certifications including iAPP CIPT, ISACA CISA, ISACA CRISC, and  ISACA CISM.

Five9 has been preparing for GDPR in our company and for our customers for over a year! With the penalties and massive fines for non-compliance, we have worked hard to get this right. Bringing in outside expertise to help us identify, prioritize and size the projects needed to address the GDPR requirements.    

 

GDPR has touched every part of our business. We have worked on our product, procedures, practices, information security, operations and product development and I think it’s making us better and stronger service provider. Five9 is looking at it as a positive opportunity to continue to improve what we offer our customers.

 

Five9 is evolving and improving our Virtual Call Center service to offer the features required for our customers to comply with the GDPR regulation. Compliance is an ongoing process and companies need to be reviewing their policies regularly. We have improved our operations and service offering focusing on 6 areas:

  • Information security
  • Breach management
  • Content management
  • Data visibility
  • Individual data rights management
  • Records management

 

Knowing that data is not easily mapped and mined, the GDPR deadline is just the beginning of continuous improvement in managing data privacy. We have more to learn about how end users are going to request “right to be forgotten” and “right to transparency.” We work with companies related to Healthcare with HIPPA regulations, and financial industries who discuss credit card information. We’ve worked for a number of years to offer support of controls needed to protect sensitive data. These processes and procedures have contributed to our GDPR compliance.

 

At Five9, we are prepared but we also know that the deadline date (which just passed) is just the starting point. We will continue to improve and enhance our processes and procedures. Compliance is an ongoing effort and the same will be true for GDPR compliance.

 

I recently sat down with UC Today to discuss GDPR, how we’ve prepared for the deadline, and what we are doing moving forward. Check out the full podcast here to learn more!

Image
Placeholder image
Melinda Bas Senior Director Compliance and Technology Risk Management

Melinda Bas is responsible for Five9’s Compliance and Technology Risk Management Programs. Melinda leads Five9 audits and programs including the Virtual Call Center (VCC) annual SOC2 Type2 audit, the PCI DSS audit and the Privacy program currently focused on the European Union’s General Data Protection Regulation (GDPR). Prior to working for Five9, Melinda worked for multiple Industry Leaders in Technology including Oracle, Salesforce and Sun Microsystems. Melinda holds multiple industry certifications including iAPP CIPT, ISACA CISA, ISACA CRISC, and  ISACA CISM.

Call 1-800-553-8159 to learn more about Five9