Genesys, a provider of omnichannel customer experience and contact center solutions, today released an application programming interface (API) for its PureCloud platform that facilitates compliance with the new European Union (EU) General Data Protection Regulation (GDPR). The API enables organizations using PureCloud to process requests from their customers as required by GDPR, the EU data protection and privacy law that goes into effect May 25.
Under GDPR, EU residents have a number of new rights that enable greater control of their personal information while businesses are held accountable for the protection of that data. Individuals gain the right to access their data and can demand a copy of their personal data to see what a company has tracked; deletion of their personal data; and portability of their data.
The PureCloud GDPR API offers self-service features so businesses can handle high volumes of customer data requests within PureCloud.
"Privacy by design, a key part of GDPR, holds that any company that processes personal data must make privacy and data protection a priority at every turn," said Olivier Jouve, executive vice president of Genesys PureCloud, in a statement. "That very principle is inherent in the PureCloud platform, which was designed from day one to maintain confidentiality, integrity, and privacy of sensitive data."
GDPR holds that businesses must comply with personal data requests within 30 days. With the new API, businesses using the PureCloud platform can initiate and resolve such requests well within the mandated time period. For example, organizations using the API to respond to customer access requests can expect to retrieve all related personal data within one to two business days. Using the API, businesses can remove or make personal data anonymous in response to a GDPR forget me request in less than 14 days. In addition, the PureCloud GDPR API provides a confirmation that the request was successfully completed so businesses using PureCloud have a record of request fulfillment, or an electronic personal data report.
Launched in 2015, the PureCloud platform is a unified, all-in-one customer engagement and business communications solution.
In addition to GDPR, the PureCloud platform is compliant with the U.S. Health Information Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS); ISO27001, and others. Genesys has also instituted procedures to help businesses using the PureConnect and PureEngage platforms to comply with GDPR. The company plans to roll out automated GDPR tools for both offerings early this summer.