Risc IT Blog
A word to the wise
8 Tips for Compliant Call Recording
With increasing regulatory scrutiny and staff communicating in different ways across multiple platforms, there is growing pressure on companies to ensure every conversation is not only recorded but accessible and auditable in real-time. However, recording without the correct permissions, controls, storage and end-user management needed for compliance puts companies at significant risk.
TeamsLink from Wavenet is a comprehensive, easy to use Teams Telephony solution which benefits from advanced call recording capabilities. Below we’ve listed 8 important features that will ensure that your Microsoft Teams calls are captured, protected and compliant.
1. Teams-native Cloud Based Call Recording
Firstly, recording calls using a Microsoft Certified solution that directly integrates with Teams is a must. In our opinion, as a Microsoft Gold Partner, the best product on the market is Teamslink from Wavenet. Wavenet’s internal development team work alongside Microsoft to advance the technology so you can rest assured that it’ll always be up to date, safe, secure and feature rich with technology.
The recording itself is essential, but the recordings also need to be stored securely long-term. TeamsLink stores your recordings in the Cloud meaning it’s completely scalable, which is especially important for operations that involve high volumes of calls. This scalability removes the restrictions of limited on-premise storage, so vast numbers of calls can be recorded concurrently and stored for extended periods in accordance with regulations.
Cloud-storage also benefits from geographic redundancy which simply isn’t possible with an on-premise solution. This means that your recordings are stored securely in multiple geographically seperate datacentres, so if a datacentre goes down for any reason, your data remains safe and secure in a different one.
2. Retrieving time and date specific calls
Recording calls and storing those recordings is essential, but so is accessing them when required. As part of a regulatory audit or other procedures such as legal hold requests or dispute resolution, organisations are often required to retrieve all calls from a specific time or date. This is easy with TeamsLink as it time stamps all conversations, and allows search results to be filtered by date or time and by user.
3. Voice Intelligence and Critical Metadata
Call metadata such as call participants, recording name, and any tags should be stored alongside a recording. Additionally, not only does all this information need to be available, but access to this info and the recordings should be restricted to limited roles within a business, with strict authentication processes in place for absolute security.
TeamsLink features Voice Intelligence, so all recordings are transcribed and analysed by AI. The data extracted by the Voice Intelligence can be stored alongside the metadata, making granular investigations more efficient. Voice Intelligence is also useful for proactive improvements and risk mitigation. When calls are transcribed, keyword alerts can be put in place for the early detection of risky behaviour or compliance breaches. When these words occur in a conversation, managers or supervisors will receive an alert with a link to the conversation in question allowing effective, real-time monitoring.
4. Intuitive workflows and automation
Automation and intelligence can also be used to streamline processes within your business. TeamsLink includes an open API that allows you to create intuitive workflows and rule-based automation. These can automatically populate other business applications for increased productivity and visibility across operations.
5. PCI DSS considerations
So, all your data is recorded, stored and easily, yet securely, accessible – but what about PCI DSS requirements? Sensitive information such as cardholder data cannot be recorded. As redaction is not enough, Teamslink has the ability to prevent recording this sensitive information in the first instance.
6. Recorded voice announcements
Regulations such as GDPR and MiFID II require organisations to notify call participants that their conversation is being recorded. TeamsLink has this capability with optional recorded voice announcements to automatically notify call participants at the start of an inbound or outbound call.
7. Retention periods
Deleting data when it’s no longer required is just as important as storing and accessing it securely, particularly when it comes to compliance with regulations like the GDPR. TeamsLink has the option to set retention periods for recordings so they are automatically deleted after a specified period.
Lastly, whilst doing all of the above, all TeamsLink data is fully encrypted in transit and at rest using one of the strongest block ciphers available (AES-256). Every protected object is encrypted with a unique encryption key. This object key should then be encrypted with a regularly rotated master key, for added security.
To find out more about TeamsLink, or to ake out a 30 day trial, please give us a call.