Interoperability in the Call Center: A Natural Solution

1Call, a division of Amtelco

By Matt Everly

The call center in a healthcare organization preforms a number of very important and very different functions. One of the most significant is serving as a virtual lobby, when processing internal and external calls. It may be the initial touchpoint a patient has with the organization, so the experience has to be positive. As the saying goes, “You only have one opportunity to make a first impression.” Also the call center serves as the nerve center for ongoing communications.

Modern healthcare call centers need to be able to handle all types of calls quickly and efficiently. To ensure the virtual lobby experience is positive, the call center operators need immediate access to accurate data using modern technology. To accomplish this, information systems need to be able to share, pass, and store usable data from system to system. Interoperability is a term used in healthcare to describe the idea of different technologies and systems communicating to share data.

To handle calls effectively and efficiently, the call center system needs to use data that may reside in external databases on other systems. As an example, if a caller wants to talk to an admitted patient, the operator needs to know which room to send the call to. Most patient admission, discharge, and transfer (ADT) information resides in a database that is external to the call center system.

Without interoperability, the operator would have to bring up a second screen to view the ADT information, go back to the call center system screen, manually enter the room extension, and transfer the call. With interoperability the call center system would automatically download the ADT information from the external database and present it to the operator on the call center screen, eliminating several steps and decreasing the chance of error. Interoperability works behind the scenes to automate data exchanges and sharing.

Making sure the hospital call center is interoperable with other systems is the safe way to make sure call center operators communicate with callers in a timely and effective manner. A few of the important IT systems and technologies that should be interoperable with the healthcare call center system include:

  • Electronic health records (EHR)
  • Messaging applications (paging and secure messaging apps)
  • Alarms and monitoring systems
  • Nurse call systems
  • Scheduling systems

Many healthcare call centers routinely use outdated technology. Binders with paper call schedules, non PC-based PBX consoles, fax machines, data access terminals, and sticky notes are used by operators to access the information they need to handle calls. These makeshift solutions lead to inefficiency and mistakes.

Interoperability Works Both Ways: Hospital call center systems store information as administrators and operators input data or create schedules. This information may be valuable to other departments or used to augment an external document.

As an example, when an operator takes a message from a patient for a clinician, that message can be automatically sent to the EHR system and be posted to that patient’s individual electronic health record. By using interoperability, information from numerous databases can be combined in one area to form a master record for a particular patient.Interoperability makes healthcare call centers more efficient, eliminate mistakes, and reduce costs. Click To Tweet

Not All Systems Allow Interoperability: Legacy systems and technologies were not designed with data exchange in mind. There are several ways to connect IT systems to the healthcare organization’s larger digital ecosystem, but these can be costly and potentially unreliable.

Health Level Seven (HL7) is a set of standards used to transfer clinical and administrative data between software applications. Many present-day IT developers design products with HL7 in mind, helping organizations move toward interoperability throughout the enterprise. The healthcare call center can use HL7 to populate patient, clinician, and employee directories for operators. Also HL7 can be used as a way to post information from the call center system to a patient’s EHR.

Reducing Costs: Interoperability will make your call center operators more efficient, eliminate mistakes, and reduce costs by automating processes that are currently handled manually. As healthcare providers look to reduce expenses, interoperability in the call center is a natural solution.

1Call, a division of AmtelcoMatt Everly is the marketing director for Amtelco’s 1Call healthcare division. Matt has worked at Amtelco for over twenty years and has held numerous positions, including southeast regional sales manager, executive suite market development, and marketing manager.





Top Tips for Protecting Patient Documents in Call Centers

By Mia Papanicolaou

Healthcare call centers play a vital role in servicing patients, improving patient-practitioner communication, and leveraging operational efficiencies to contain healthcare costs. The steady digitization of patient records has brought about significant improvements in service efficiency and patient care. While inevitable, this digital transformation introduces new challenges associated with safely storing, processing, and sharing documents containing personally identifiable information (PII) and protected health information (PHI).

The healthcare sector holds the unfortunate position of having the “highest number of data breach incidents compared to other industries.” Incidents such as the LA hospital ransom attack and the database breach at Anthem Inc prove that healthcare data presents an attractive target for cyber-criminals, allegedly fetching a ten to twenty times higher premium in the black market over commonly hacked credit card data.

Despite the risks, healthcare providers and their outsourced call centers are compelled to make documents easily accessible in order to provide quality customer service. In addition, patients themselves are demanding the ability to access their own records through channels such as email, web, and mobile apps.

However, moving to digital documentation should not pose an automatic risk of breaching highly confidential patient information. In fact, if implemented correctly, a digital document management solution offers significantly more security and control than traditional document management systems.

Patient documents need to be protected at all points in the digital journey, whether stored in a document repository, accessed at the call center, travelling via the Internet, or sitting on the patient’s own computer. This can be achieved using a combination of encryption technologies, password protection, access control, and education.

Here are five top tips for protecting patient documents:

Tip 1) Control access at the document level: A digital document management solution should offer multiple layers of access control that enable a healthcare call center to compartmentalize and restrict access to different patient documents. Agent clearance should dictate what functions staff can perform on a document: view, download, or share. As an example, certain private patient records can be password protected so that the only access within a call center is the ability to send the document to the patient when requested, rather than let the agent view the details of that document.

Tip 2) Provide ongoing agent education: The easiest way for criminals to breach security and access a repository of confidential documents is by tricking or compromising an employee. In a call center environment, which suffers from high employee turnover, this fear is compounded. Be sure all agents understand and operate by the security guidelines when it comes to accessing and sharing patient documents. Constantly reinforce that one should never click on links or open documents from an unknown source as this is a common method used to install malicious software that effectively puts the hackers inside the secure network.

Tip 3) Use multiple layers of protection: As cybercriminals continue to get smarter, traditional network and database security is not sufficient. To truly secure patient documents, multiple security layers are required, to the point of encrypting and protecting each individual document even if it resides on a secure network. This also ensures that information sent via email between a call center agent and patient cannot be compromised if intercepted or sent to the wrong recipient. It also protects the document               1) against unauthorized access from someone inside the network; 2) if a call center agent doesn’t have sufficient rights to view patient information; and 3) if a compromised employee or a hacker is using stolen, but valid, credentials.

Tip 4) Help patients secure their documents: Make it a policy to never send or store unprotected documents containing confidential information. An emailed or downloaded document is saved automatically on certain devices and if unprotected, it becomes vulnerable if the device is hacked. Assist patients with safeguarding their information even when it resides on their own computer by distributing only encrypted and protected files; train call center staff to let patients know the importance of this protection.

Tip 5) Enforce a strong password policy: In order to secure patient documents from all vulnerabilities, a strong password approach is essential. This applies to the password an agent uses to access internal systems, the one a patient uses to log onto a self-service portal, or even the password used to open an individual document. If the password is weak, all other security is bypassed. Educate agents and patients on the value of using only strong passwords and the risks of using easily cracked passwords such as “123456,” “abc123,” or “password.”

The demand for anytime, anywhere access may be patient driven, but digital transformation is highly beneficial for a healthcare call center seeking to boost efficiency, improve communication, and enhance the patient experience. By taking advantage of these simple security tips, a call center will not only be able to deliver a strong customer service experience, but also provide the technologies needed to safeguard their information.

Mia Papanicolaou is chief operations officer for document security specialist Striata Inc. Mia joined Striata in 2006 and having worked in Africa and the UK, now heads up North, Central, and South American operations. Striata provides strategy, software and professional services that enable digital communication across multiple channels and devices. Striata technology secures, sends, and stores confidential documents.

Achieving Healthcare Data Security in the Contact Center

HITRUST CSF certification will become the standard for contact centers in the healthcare market

By Brandon Harvath

Data security breaches are rampant in today’s complex technological environment. According to the Office of Civil Rights (OCR), healthcare data breach numbers are staggering. In 2015, 253 healthcare breaches affected more than 112 million records. Healthcare industry players are increasingly concerned about their ability to achieve and maintain the highest levels of data security. The sobering truth is that most healthcare organizations, including contact centers, are one data breach away from a catastrophe.

Global data attacks continue to be extremely sophisticated and, faced with a steady stream of hacker headlines, the public is becoming more concerned about its own personal data. Is our industry taking all precautions to safeguard personally identifiable information (PII) and protected health information (PHI)? Progressive contact centers are working diligently to address the challenges.

A Stringent Approach to Protecting PII and PHI: In transacting daily business, consumers share a great deal of personal data with unknown persons who answer the phone as the voice of a trusted business entity. Consider how many times each of us has called a company’s contact center and shared personal information. This practice has become so routine that most of us barely give it a second thought.

The security of PII and PHI is only as strong as the chain’s weakest link. Toward this end organizations spend millions of dollars annually on anti-hacking software and other privacy and security programs. Unfortunately it takes just one click of a spam email for the fragile system of data security to be shattered.

Health insurers and their vendor partners face a tremendous challenge today in complying with the mandates of a multitude of federal and state agencies, including the regulations put forth by the Health Insurance Portability and Accountability Act (HIPAA) and its complex privacy and security rules. Many of today’s privacy and security issues were not even envisioned when HIPAA was enacted in 1996, so it is incumbent upon the industry to be progressive in its achievement of data security. This requires a holistic approach that encompasses not only HIPAA, but also complex standards formulated specifically to mitigate broad-ranging privacy and security risks. One organization has emerged to require healthcare organizations implement this sophisticated set of standards: Health Information Trust Alliance (HITRUST).

At the foundation of HITRUST’s offerings is the common security framework (CSF), a certifiable infrastructure that provides organizations with a comprehensive, flexible, and efficient approach to regulatory compliance and risk management. Developed in collaboration with healthcare and information security professionals, HITRUST CSF merges healthcare-relevant regulations and standards into a single overarching security configuration. HITRUST CSF has become the most widely adopted security framework in our nation’s healthcare industry as it helps organizations via an efficient, prescriptive framework for managing the security requirements fundamental to HIPAA.

Attention is turning toward achievement of the level of security HITRUST CSF demands. In June 2015, for example, HITRUST announced that a growing number of major healthcare organizations, including key health insurance companies, would now require their business associates (BA) to obtain CSF certification within the next twenty-four months.

Those contact centers that have already committed the time, finances, and other resources necessary to earn such a stringent certification are on data security’s leading edge. Those that have not will need to act quickly to remain partner vendors with this growing group of certified healthcare clients.

One Contact Center’s Journey: Achieving what many view as the Holy Grail of world-class healthcare data security does not come without tremendous investment: communicated management commitment, dedicated resources and rigid processes and controls. In our experience, the contact center attempting to reach this goal must adhere to a number of controls that are focused on three mission-critical areas: technology and systems, process, and people. Because a detrimental glitch can occur within any of these areas at any time, compliance within a multitude of data security categories (HITRUST has more than sixty) must be assured.

Access to information systems, for example, is to be role based, in compliance with HIPAA guidelines, and is determined based on an intense evaluation of one’s role within the organization and within a specific program assignment.

Our management evaluates each job function to provide the minimum necessary access to information systems and data needed to satisfactorily perform individual tasks. Monitoring is strict and includes ensurance of procedural compliance in all prescribed areas. With HITRUST certification at the core of our data security program, these are a sampling of best-in-class practices that contribute to our continued compliance:

  • Zero-Tolerance Corporate Culture: All employees and associates take ownership and accountability for data, working to “protect it as their own,” and embody the core values of trustworthiness, respect, responsibility, fairness, caring, and integrity in all their actions and practices. The organization also maintains and enforces a code of conduct in which nothing less than absolute integrity is expected and accepted.
  • Compliance Training and Testing: All employees and associates are required to satisfactorily complete a range of training topics that include compliance and ethics, HIPAA, security awareness, and HITRUST. Training is conducted online and concludes with knowledge checks. The chief compliance officer (CCO) and chief technology officer (CTO) present during client and product training and are also available for team-specific training.
  • Limited and Monitored Access to Data: In addition to firewalls that block unauthorized access to specific computer-generated communications, Wi-Fi access is not accessible on company premises. Work teams have access only to the suite where they are assigned, and a strict, badge-access policy is enforced. Teams have access to all information needed to respond in a highly expert way to their customers, but they only have access to information specific to their program.
  • Maintenance of Physical Security: Physical security is ensured through the implementation of a facilities security plan, which details all security elements (doors, entryways, security cameras, desk environment, and vendor compliance) and the necessary steps to accomplish absolute security. Clean rooms and clean production suites create environments to protect PII and PHI from risk of sharing by prohibiting cell phones, cameras, and other personal electronics as well as paper and pens so that PII or PHI is not written down as calls are handled. Supervisors continually monitor production floors and individual work areas.
  • Ethics Reporting Hotline: Data security issues are paramount and the importance is consistently communicated to all employees and associates. Employees and associates at all levels within the organization are encouraged to report – anonymously via website, telephone or email – any and all data security concerns to the CCO or chief human resource officer. A strict non-retaliation policy is vigorously enforced. Senior leadership is committed to providing avenues through which ethical issues may be revised, reviewed, and resolved openly and honestly. The CCO maintains an open-door policy for employees and associates to ask questions on how to maintain ethical standards or flag a potential problem.
  • Continual Process Improvement: As part of HITRUST CSF certification, we are required to continually demonstrate improvement. Certified organizations are subject to an annual review as well as quarterly improvement updates, and they must consistently demonstrate improvement of maturity level as it relates to a multitude of privacy and security protocols.

The proliferation of technology we take for granted today, and which didn’t exist a decade ago, has necessitated the need for stringent controls and data oversight. HITRUST CSF certification and other marketplace compliance certifications will soon become the standard and the price of doing business in the healthcare market. The security of consumers’ data – and the survival of our healthcare contact centers – clearly depends upon it.

Brandon Harvath is senior vice president of operations for Corporate Call Center, Inc. (CCC), a customer interaction company specializing in providing complex, high-touch services within the healthcare insurance and other highly regulated markets. CCC, a multi-site contact center, is headquartered in Blue Bell, Pennsylvania. Harvath can be reached via email or 215-283-4202.

Should We Switch Our Mindset From Calls to Contacts?

By Peter L DeHaan, PhD

Peter DeHaan, Publisher and Editor of AnswerStatThe first issue of AnswerStat magazine rolled off the presses over a dozen years ago. Since then much has changed. Call center technology has advanced, customer expectations have expanded, hiring and training practices have evolved, and new service opportunities have emerged. The Internet exploded into a global phenomenon that altered everything.

What hasn’t changed much is the telephone call. Call centers still answer calls, make calls, and transfer calls; we give and receive information over the phone. The telephone is the ubiquitous communication medium, and it is central to the call center.

During these years of technological transformation, there was also faxing and paging, but both were insignificant compared to the widespread practice of simply picking up the phone and calling someone to have a two-way conversation in real-time. Not too many people fax anymore, and it’s been ages since I’ve seen a pager. Yet the telephone remains.

But now we also have email, text, and social media. Some call centers have fully embraced these technologies and integrated them in to their operations. Others have persisted in focusing on phone calls. Yet the pressure remains for such centers to add these newer forms of communication and connection into their call center mix. As a result the call center becomes the contact center. To embrace this multi-channel paradigm, your call center mind-set must be about contacts, not calls.

Consider these forms of contact:

Calls: Phone calls represent the majority of contacts in almost every contact center. We excel at calls.

Fax: Some healthcare communication still occurs by fax. Though this channel is small, someone needs to oversee it. Why not the contact center?

Pager: Pagers have gone away in most industries, but they still have value in healthcare where reliability, speed, and disaster-adverseness are vital. Contact centers have always done a great job at sending pages, and some even manage pager inventory. There’s no reason to stop now.

Email: Processing secure email is a natural fit for contact centers. They have the network, the Internet connection, the computers, and the staff – and the ability to send, receive, forward, and screen email, just as with calls.

Text: Text is growing in most sectors. This is one more channel for the healthcare contact center to add to their arsenal.

Social Media: A growing preference for people of all ages is to interact online with others through social media. Healthcare organizations require someone to monitor all those comments, tweets, and contacts, responding in a timely manner that is professional and accurate. With the plethora of social media platforms, no organization can utilize them all, yet they must be where their patients are. The task of interacting with these social media-minded customers is ideal for contact centers.

Self-Service: A final consideration is self-service, the preferred option for most people when they have a question or problem. How, you may ask, does self-service become a contact center opportunity? Doesn’t self-service subtract from the contact center? Yes, every interaction handled via self-service is one less interaction handled by the contact center. Yet forward-thinking contact center managers see two opportunities.

The first is that contact centers are in the best position to know what issues self-service should address. Poll a group of agents, and the top ten needs for self-service will quickly emerge. The contact center should serve as the advisor for self-service topics. Better yet, the contact center could take the lead role and actually produce and administer the self-service content.

The second opportunity is providing backup for self-service. Self-service cannot help everyone, every time. The contact center should catch those that self-service drops. As a bonus, these calls, taken in aggregate, then provide fodder for additional self-service content.

Whatever channels your contact center covers, keep in mind that it’s not about the technology, it’s about the contact.

AnswerStat is here to help you maximize every contact, and our annual Buyers Guide is a great place to start.

Peter L DeHaan, PhD, is the publisher and editor-in-chief of AnswerStat magazine and a passionate wordsmith. Connect with him on his blogs, social media, and newsletter, all accessible at

[From AnswerStat December 2015/January 2016]

What Comes to Mind When I Say Healthcare?

By Detta Donoghue

Many would first say hospitals, while others might say their primary care physician, and still others might think of the local clinic they depend on. Clearly all of these are appropriate responses, depending on the health status of the individual answering the question. Even though each of these function differently, there is one common thread that links them all: patient care. Today hospitals, group practices, and clinics are in a competitive environment, at times fighting (in a civilized way, of course) to gain the attention of new patients.

Securing new patients, however, is just the beginning. More than ever healthcare organizations are looking at technology to help them keep and retain their clientele. For example, the patient portal, unheard of five years ago, is now a standard and has made its way into private practices, dental organizations, and even veterinary medicine. Yes, you can now track Fido’s health online.

So why would any organization jeopardize all this progress and not do everything possible to make sure the patient shows up at the appointed time? I’m speaking of the standard the appointment reminder message we all get today. These messages are not just for healthcare anymore, but have become a standard business practice where applicable. I personally receive them for hair appointments, restaurant reservations, and most recently for a hotel and tour reservation.

Clearly nobody wants to lose the revenue generated from missed appointments, lose the potential downstream revenue that appointments can generate, or let resources go unused for the appointed time slots from missed appointments. Studies show that as much as $20,000 can be lost when a patient does not keep a healthcare appointment.

This happened to me recently when I failed to show up for tests that had been scheduled. Why didn’t I show up? Simple: I didn’t get the appointment reminder. To make the situation worse, when I asked why I did not receive the reminder – no call, no text, no email – I was told that the information was on my patient portal. There was just one problem: I had not signed up for the portal; I didn’t even know the practice had one. So the tests had to be rescheduled. Luckily the results were good – it could have easily gone the other way, and waiting almost a month for potentially lifesaving treatment would have been due to not receiving an appointment reminder.

The point of this little story is simple: Don’t lose sight of your audience. I’m pretty technically savvy, and I never thought to ask about the patient portal. Frankly, even if I had, I wouldn’t have thought it would replace the function of an appointment reminder.

If your organization is encouraging the use of a patient portal, be proactive in making sure your patients know how to use it. Next, if you have something that’s working well, make sure your new technology takes your facility or practice to the next level of patient care without any loss of service. Finally, when deploying new technology, ask what can or cannot be integrated with what you already have in use currently. Often you can leverage what you have already invested in by adding other levels of service and solutions.

Don’t let technology get in the way of serving patients. Don’t overlook something as simple as an appointment reminder. Your patients’ health is at stake – along with lost billing.

Detta Donoghue has been working in the technology industry for over forty years, holding a variety of positions servicing the IT and telecom disciplines. As the director of marketing and communications for CI, Detta provides branding, collateral, presentation, and educational support for both the channel sales group and company as a whole. Detta was formerly the director of marketing and vendor relations for SDC, director of channel sales for Amcom, served on Avaya’s DevConnect committee, and was president of the Siemens user group.

[From AnswerStat October/November 2015]

Vital Signs: The Internet of Things Intersects Healthcare

By Peter DeHaan

Peter DeHaan, Publisher and Editor of AnswerStatThe term “Internet of Things” may be new to you, or it might be something you’ve already grown weary of with eye-rolling boredom. Though a definition for the Internet of Things is still evolving, expect to hear a lot more about it in the future.

Basically, the Internet of Things revolves around the concept of things – instead of people – using the Internet to share information without the need for human interaction. Though a “thing” implies a device, it could mean any object and cover animals or even people. At the most basic level, an active RFID (radio frequency identification) tag qualifies.

A huge area of interest for the Internet of Things is in home automation and convenience. A security system is one obvious item, where sensors in your home report to a computer at the monitoring station what is happening when you’re away. Internet-connected garage doors are a reality today, as well as remotely accessible thermostats, nanny cams, and door locks. Looking into the future, the Internet of Things could report when your kids get home from school, who is with them, and if they leave; of course you will also know if they attended school or skipped. Dreaming a bit more, your kitchen could make your grocery list based on the contents of your cupboards and refrigerator or what you ate last night, even placing an order for you.

Another area for the Internet of Things is fitness. Devices – whether a stand-alone gadget or a smartphone app – can track how many steps we take in a day. With an Internet connection, this data can be sent to another computer for analysis, storage, or action. Imagine receiving a text message encouraging you to go for an evening walk because you haven’t hit your target number of steps for the day. These fitness devices can also monitor basic body functions such as heart rate, moving the Internet of Things into the area of healthcare.

Healthcare is rife with applications, both present and future, for the Internet of Things. Monitoring patients’ vital signs is common in the hospital environment, but the concept can be extended to home-based convalescence or hospice. Telehealth taps into the Internet of Things and can greatly expand because of it. Locating dementia patients who may have wandered off is feasible with the Internet of Things. Even remotely administering medications is a possibility. The list of potential healthcare applications is limited only by our ability to imagine grand solutions.

While the basic premise is that the Internet of Things moves data without human interaction, at a certain point some of this data will require human involvement. This may be to evaluate options when a preset threshold is met, initiate a response, or escalate action. The Internet of Things becomes a serious tool to keep us healthy and safe; lives are at stake.

At the intersection of healthcare and the Internet of Things can stand the modern healthcare contact center. After all, the medically minded call center already has the staffing and technological infrastructure largely in place to handle such tasks. Some call centers are already doing some of these things – though they haven’t likely considered them in the context of tapping into the Internet of Things – to serve patients and assist healthcare providers. Opportunities abound.

To be ready to make the most of these opportunities, look at the healthcare-related Internet of Things around you. Then investigate what your contact center needs in order to handle the required human aspect on the backend. It may be a bit of specific training or perhaps some server software to provide the needed interface. Be ready so that when someone comes to you with a problem stemming from the flood of data from the Internet of Things (IoT), you can nod and smile when you tell them, “Yes, we are IoT-enabled and ready to help.”

Peter DeHaan is the publisher and editor-in-chief of AnswerStat magazine and a passionate wordsmith. Connect with him on his blogs, social media, and newsletter, all accessible from

How the Cloud Can Help Safeguard Your Lifeline with the Customer

By Neil Titcomb

Contact centers provide an essential lifeline between organizations and customers. A well-designed and sensibly implemented business continuity protection strategy for the contact center can minimize the high costs of downtime and, more importantly, minimize the loss of revenue that can cause serious harm. But is it too expensive to implement? The cloud offers the answer. Cloud architecture and deployment options provide a near-seamless business continuity strategy that can significantly minimize the impact.

So what are the key issues associated with business continuity? And how can the cloud address these issues?

Business Continuity or Disaster Recovery? Business continuity is not the same as disaster recovery. While the terms are sometimes used interchangeably, business continuity is concerned with mitigating risk before a disaster strikes, while disaster recovery refers to plans to be acted upon in the event of a disaster.

Business continuity describes the necessary planning and processes to reduce risk and ensure that critical business functions will continue to operate in the event of a disaster; this should be implemented well in advance. Natural disasters have a huge impact on businesses today. For example, in the United States, Hurricane Sandy caused approximately $50 billion in economic losses; flooding across Europe caused proportionately similar losses.

Business Continuity and the Contact Center: Today’s contact centers are complex environments with multiple systems and technologies, many of which are critical to their operation and customer communications. It is, therefore, easy to see why it is imperative that contact centers remain up and running in the event of a disaster. But it is also important to remember that the increase in system complexity, tighter service level agreements (SLAs) with customers and partner organizations, and a variety of industry regulations all contribute to the need for a strong business continuity strategy.

Determining the Financial Impact of an Outage: How do you calculate the effect of an outage on your business? First, consider agent productivity. To determine the impact on your own agent productivity, you will need to compute or determine the loaded cost of an agent and the number of agents in the contact center. Next, calculate the agent per-hour cost. By factoring in the outage time per year, you can then determine your own costs of lost agent productivity from an unplanned outage.

Not only will you suffer agent-related costs, but the financial hit of lost revenues plus the damage to competitive advantage can be huge. A definitive result can be calculated by looking at metrics such as the number of interactions handled in the contact center, lost calls or interactions, and abandon rates.

Depending on lifetime customer value, the consequential total cost of outages or disruptions can run well into the millions on a yearly basis.

Hidden Costs: Determining the appropriate level of protection comes down to balancing and comparing the costs of the solution compared to the cost of lost business from a disruption. Not only do you have direct costs, there are also the hidden costs of doing nothing: loss of competitive advantage and additional infrastructure costs.

Decision Time: In the end, the decision for how much business continuity you will need comes down to how competitive your business environment is, how strategically important it is to provide a consistently superior customer experience, and how willing the organization is to invest in and ensure that you have the ability to deliver service in the face of unplanned disruptions.

How the Cloud Can Help: Cloud providers offer a wide variety of capabilities, including physical facilities and network services, secure data centers with geographic separation to overcome localized disasters, and the ability to rapidly restore service, in addition to full-time vigilance.

These are all services that are integral to many cloud solutions. A suitable cloud provider offers continuous coverage to ensure that any service issue is attended to and resolved rapidly, maximizing availability for customer interactions.

With its numerous backup carriers, storing your data in the cloud means that the risk of losing data during a blackout is almost eliminated. Some cloud providers offer options for redundant network services from their data centers to your locations across multiple carrier links. This ensures continuity of critical services and redundancy to the serving data centers and further protects key data and voice circuits from single points of failure.

As a result, a cloud solution is effective for maintaining a viable workforce during outages and natural disasters. Additionally, using the cloud means that contact center employees now have the added flexibility to work from home, which introduces a wide range of business advantages such as reduced building costs, decreased employee turnover, and improved productivity.

Keep It Top of Mind: As long as man-made and natural disasters affect organizations, business continuity will be a hot topic, and having a business continuity strategy should be top of mind for IT executives, particularly for contact centers that provide an essential lifeline to the customer.

In creating a business continuity strategy, companies need to understand the short- and long-term risk and costs involved in a disaster and then balance these costs against the costs and benefits of a business continuity strategy. This is where the cloud offers a real advantage.

A cloud-based contact center solution can simplify and greatly enhance business continuity plans. A business can take advantage of the resilience and high availability that cloud service providers must provide as part of their own infrastructure simply to be able to deliver software as a service (SaaS). Cloud-based contact center technology provides easy access, proven security, compliance, and scalability. Constantly monitored by seasoned IT professionals, interactions are managed in the cloud every day, not just as an option for disaster situations.

This experience provides real value for businesses and customers, and it provides a peace of mind should an unfortunate or unexpected incident occur.

Neil Titcomb is the UK&I sales director for cloud at Genesys.

[From the Dec 2014/Jan 2015 issue of AnswerStat magazine]

Securing Sensitive Contact Center Information in the Cloud

By Neil Titcomb

Securing customer data on all applications managed from the cloud will become increasingly more important as cloud adoption expands and more organizations move customer-facing contact center applications to the cloud. Despite the increased adoption of cloud-based contact center solutions, some organizations still have concerns due to the increase in high-profile security breaches. Therefore, what should business and IT managers be looking for when seeking reassurances about security from a cloud provider?

First, when choosing a cloud service provider, it’s important to select a company that believes securing data is critically important and is a shared responsibility.

A recent report from the Ponemon Institute titled “Security of Cloud Computing Providers” reported that 69 percent of cloud providers surveyed did not believe that securing customer data was their responsibility; only 16 percent believed security should be a shared responsibility between cloud provider and tenant.

Organizations seeking the enhanced business agility, cost reductions, and other core benefits of cloud-based contact centers should indeed make the move to the cloud, but they need to make sure to move securely. This starts with choosing a cloud service provider who views protecting customer data as a shared responsibility and demonstrates a commitment to maintaining a highly secure and private environment for all clients. Surprisingly, few providers do.

Physical Security: Securing Inside and Out: As with all types of security – whether it’s physical, logical, or network – there should be several layers of security parameters in the centers to ensure the security of the data.

Physical security is a critical component in protecting customer data given that, more often than not, stolen data is the work of a current or former employee rather than an outside hacker. Physical security should be controlled 24/7 by means such as keycard access, video surveillance, security system logging, and security personnel. Data center access should only be granted to employees and contractors who have a legitimate need. When employees no
longer have a need for access to the center, their privileges should be immediately revoked. This should be confirmed by policy and through regular audits of access lists.

Preventing Unauthorized Access and Hacking: Logical security is a second critical layer in keeping customer data safe. This entails using software-based techniques for authenticating user privileges on a specific computer network or system to secure access. Cloud service providers also use role-based permissions, assigning users to roles that grant them specific levels of access to systems and data.

There are many different techniques to authenticate users, such as usernames and passwords and two-way authentication. Two-way authentication is more secure than a simple username and password system; it occurs when the user and the computer system engage in a two-way, question-and-answer exchange. When the user attempts to log in to the system, the system sends a challenge question the user must correctly answer in order to gain access.

There exists any number of challenge questions that can be asked in order to prevent unauthorized users from easily gaining system access with a stolen username and password combination. Two-way authentication is one of the strongest methods of authenticating users, and it can be extremely useful in cloud centers.

Multilayered Firewalls: Weak network security is one of the biggest threats to an organization. Unauthorized access and snooping are the two main types of network security threats. It’s important to ask whether the cloud provider’s network is protected by multilayered firewalls and an intrusion detection system.

In many cases, working with the right service provider can help an organization stay ahead of data theft and potential security breaches. But it is key to find a cloud service provider that adheres to the latest security guidelines and uses the best tools available to secure confidential information.

Make sure you are familiar with the policies and procedures in place to deal with overall security and understand the cloud provider’s approach to any breaches or attempted breaches that may occur – and then ensure that these meet your organization’s needs.

Neil Titcomb is the UK&I sales director for cloud at Genesys.

[From the October/November 2013 issue of AnswerStat magazine]

5 Myths in Cloud-Based Communication and Security

Easy Office Phone, a North American provider of cloud-based business phone service, identified five misconceptions many organizations face surrounding cloud-based communications systems and their security implications. “Cloud-based phone service is an increasingly mainstream choice for business communications, yet some companies are still holding back,” said Adam Simpson, CEO and co-founder of Easy Office Phone. “We believe the hesitation is often due to inaccurate perceptions, and we aim to change that with our education-based approach.”

Here are five common misconceptions in cloud-based communications systems and security:

1) Voice Quality Might Be Affected: With a suitable Internet connection, digital phone service can actually deliver considerably higher quality and fidelity than a traditional copper landline. Voice reproduction is much more accurate and lifelike. Many users report that voices sound more natural and less “tinny” on a digital service.

2) The Technology Is Less Secure: After moving to a cloud-based phone service, you can actually enjoy much more secure conversations. With compatible hardware, all voice packets can be encrypted. In addition, with a private Internet connection, the path those packets travel along is also secured, making interception and decryption virtually impossible. By comparison, a traditional landline would be considerably easier to tap.

3) Scalability Is a Limitation: Cloud-based phone service is vastly more scalable than on-site systems. There is no need to install a physical PBX, so the initial deployment is rapid and simple. Adding capacity as needed is similarly painless, since cloud-based providers can activate additional lines remotely and within minutes, in contrast to needing an on-site service call to run more physical lines into an office for a PBX or telephone switch. In addition, flexible device and software options allow for the easy integration of new, remote, or part-time staff into their communications ecosystems.

4) The Cost of Switching Is Expensive: Getting started with a cloud-based service is very cost-effective. As previously mentioned, there’s no need for an on-site PBX, which means an initial savings of thousands of dollars. Initial setup is also less costly, since most cloud providers ship hardware pre-programmed for plug-and-play usability. Whether a company chooses to install the phones itself or hire an IT company, work time is minimal.

There is truth to the concern that equipment designed for analog systems may not be inherently compatible with a cloud-based solution. However, the majority of today’s legacy phones can be used with a digital service if a company obtains analog-to-digital adapters, which are less costly compared to purchasing new phones. Finally, with desktop and smartphone apps, companies can reduce or even eliminate the need for new hardware.

5) This Technology Will Be Obsolete in a Few Years: IP technologies are now well-established components of the telephone network and will soon become the mainstream standard. The FCC recently voted to begin testing the deployment of IP networks in place of existing copper-based infrastructure. Communications will soon reach a point where the adoption of IP technology will no longer be optional.

“With the FCC openly discussing the end of the traditional public phone network, the time to switch to a cloud-based communications service is now,” concluded Simpson. “It’s not just a marketing cliché – cloud-based service truly is the way of the future. Businesses will benefit from adapting now, rather than scrambling to catch up at the last minute.”

[From the Aug/Sep 2014 issue of AnswerStat magazine]

Nine Questions to Assure Peace of Mind in the Cloud

By Richard D. Stier, MBA

“There are two ways to look at today’s healthcare contact centers,” said Mary Alice Worrell, director of call center services at Ascension Health Michigan Ministries. “You can be nervous because the market is changing. Alternatively, you can choose to grow with the industry and understand that this is a season of great opportunity. Because primary care physicians are the drivers of value-based payments, the call center is now front and center. This is our time.”

Yes! Our time is now.

Healthcare contact centers are now more relevant than ever. They are moving from a siloed support function to a critical role as a communication hub at the center of the healthcare continuum. As mentioned at the 25th Annual Conference of Healthcare Call Centers, “The contact center is the nerve center at the heart of the new structure.”

As we take advantage of this resurgent opportunity for healthcare call centers, a key dilemma demands consideration: Should we install contact center software, or should we subscribe to a cloud solution where an Internet connection is all the infrastructure we need? Here are nine questions that can help you arrive at the right answer for your organization. Your peace of mind may depend on it.

1) Does your contact center have limited access to internal IT support? Baking brownies for the IT team is still appreciated. Unfortunately, sweet treats may no longer secure the expertise of over-stretched IT professionals. Your request is one of many at a time when they are overcommitted, scrambling to support multiple mission-critical priorities. If you find yourself jockeying to schedule the high-demand time of an IT expert – perhaps to help you acquire and install hardware and software or to support software updates – then you understand the challenge.

The cloud may provide welcome relief. Leading cloud providers deliver their software with no internal IT support required. That’s none – zero. In addition, your IT team may appreciate the freedom to focus on other initiatives such as enterprise-wide EMR. Pass the brownies.

2) Is capital funding restricted or difficult to obtain? Instead of paying for software, paying for the hardware to support it and the IT professionals to manage it, cloud solutions enable clients to simply purchase an annual subscription. That means lower up-front costs. For many organizations, that also removes the need for capital funding. Avoiding the capital budget process, while still securing the functionality you need, may be an attractive option.

3) Does the proposed cloud solution manage updates and upgrades for you? Installed solutions require regular updates to remain current. Leading suppliers of healthcare contact center cloud software manage all upgrades. There are no patches for clients to download and install. There are no worries about system maintenance, operating system upgrades, database optimization, or proactive monitoring to detect issues before they become problems. Additionally, there is no need for clients to add hardware, software, or bandwidth as the user base grows. Take a breath.

4) Confirmed security: is the proposed cloud solution SSAE 16-certified? How secure is your installed solution data? SSAE 16-certification is beneficial to cloud data centers that provide services to a large client base. It is a trusted third-party attestation of meeting a level of proficiency. SSAE 16-certification applies to data centers that provide colocation and have customers who require security and comprehensive data protection. If you’re serious about a cloud solution, be serious about security. Look for a cloud solution from a provider who has earned SSAE-16 certification

5) Is the proposed cloud solution scalable to your specific environment and level of complexity? What is the solution’s historical percentage of uptime? Your contact center solution should adapt with you as your needs change and your organization becomes more complex. Whether installed or cloud-based, require a solution that can easily grow from supporting a one-person call center to an integrated contact center servicing scores of hospitals and thousands of providers. Ideally, your contact center software should integrate with key existing systems.

Uptime is a baseline requirement. If the proposed cloud provider does not have a record of delivering 99.9 percent uptime or better, keep looking.

6) Is implementation faster with the installed contact center software solution or the cloud solution? Does a proposed cloud solution provide a faster implementation than provided by the corresponding installed solution? Leading contact center cloud solution providers have refined and honed cloud implementations. For example, one cloud contact center solution offers implementation time that is 60 percent faster than with the equivalent installed solution.

7) Which clients are more current on their supplier’s software? Find out if installed or cloud clients use more current software. Often cloud clients are on more recent versions than installed software. Using the most current software allows for the newest features.

8) Does the proposed cloud solution assure untethered access to call center data? A call center connects by phone, while a contact center can utilize multiple communication modalities including telephone, Web chat, email, and text messaging. For a contact center, an application-programming interface, or API, is a vital tool. Think of an API as a machine-to-machine interface rather than a user interface. An API provides a set of programming instructions and standards for accessing a Web-based software application, whether installed or in the cloud.

An API allows programmers to automate the flow of data by developing applications that communicate with existing software applications. A key benefit is a significant decrease in internal costs by eliminating the need to reenter data that is already captured by an existing application.

APIs also make it easy to efficiently share data and processes, allowing developers to access the functionality of other software through well-defined data structures. This can assure that you have complete, accurate contact center data.

Leading contact center cloud applications include an API. Don’t consider a cloud contact center solution without this essential functionality.

9) Are value-added features available exclusively for cloud clients? Find out about cloud-specific resources and value-added services that may not be available or may be extra-cost options with the equivalent installed software. One contact center cloud solution includes concierge services. This client-specific competitive advantage includes a professional who works with clients to design, create, and support both process improvement and report generation and automation, exactly what many clients seek.

Here’s an all-too-common experience by one cloud contact center client: The call center data administrator left the organization, and suddenly no one knew how to produce key reports. Reports that had been previously automated were now produced manually. In some cases mission critical reports were not prepared at all. They needed help, and they needed it quickly. Can you relate?

Yes, this is our time. Contact centers are profoundly relevant to today’s healthcare challenges. Your decision about whether to select an installed or a cloud-based contact center software solution can be either an intentional accelerator or an unfortunate limiter of your success. Choose wisely.

Rick Stier has a thirty-year record of results as a healthcare marketing executive and consultant. He is vice president of marketing at HealthLine Systems, Inc., a provider of software and consulting solutions to over a thousand healthcare organizations across North America.

[From the June/July 2014 issue of AnswerStat magazine]