The PureCloud Architecture and the California Consumer Privacy Act

The California Consumer Privacy Act (CCPA) goes into effect on January 1st. This affords similar protections to Europe’s GDPR, which includes consumers’ right to know what personal data is being stored about them and, in some cases, the right to delete that data. Now let’s consider why GDPR, the CCPA and similar initiatives will continue to gain momentum.

We’ve experienced an exponential shift in how we do business technologically as well the adapted behaviors that embrace technology. We face some amazing and beautiful technological advancements. On the consumer side, we’ve embraced these novel approaches as fast as they can be invented. As a result, how easily consumer data is leveraged in some circles has motivated a global sentiment to put some protective breaks on these relatively new data norms. The challenge for companies using at-scale technologies like contact center software is that these protective measures add compliance complexities to the traditional solution.

Consider what happens if — and some argue when — other US states move to push similar laws as California did — or whether entire regions of Asia-Pacific and Latin America will follow Europe. You could face a runaway train of compliance catch-up across multiple vendors within the contact center market.

Multiple Systems Create Multiple Challenges
If you manage a contact center with multiple, individual solutions that comprise your system, it can get really messy — really fast. And when I did a cursory search of CCPA compliance in the market, I found little evidence that all the vendor-space is ready. This is why it’s critical to adopt a contact center design that was made with these types of challenges in mind.

The Genesys® PureCloud® architecture isn’t based on a “hosted cloud” paradigm. It was designed on the first day as a cloud-native solution. This makes it fluid because every service is designed with the directive to be reusable.

For example, there’s not a security methodology for the dialer product and another security code base and methodology for the workforce management product. You’ll find this pattern in many traditional contact center solutions. The PureCloud application relies on the Genesys Cloud platform, which uses a central security checkpoint that works with the PureCloud IVR as well as the PureCloud Reporting component.

The same is true when we have to deal with situations like compliance. A central GDPR compliance is in place for the entire underlying platform on which the PureCloud application relies. Because of its microservices architecture, it was simple for PureCloud developers to adopt that central compliance.

So, when the PureCloud product launched its early compliance with California’s consumer protections, it was already entirely wired to make this effortless. The only complexity was ensuring the specifications of the law were followed. And there’s a critical lesson in that last point.

While PureCloud developers were quietly meeting compliance, no PureCloud customers lost any sleep. I mean that sincerely. Think about how many times has IT staff had to redirect their attention and talent to solve problems that weren’t directly related to the experiences the business wanted to create for its customers. I saw this all too often when I worked as a software engineer. The PureCloud all-in-one product is designed to be truly all-in-one. This includes complexity of global compliance laws for an entire product — not a piecemeal approach that’s taken while filing extensions for a grace period.

As we approach 2020, many other complex deadlines will be on the horizon. Our technological advancements will continue to be fast and fluid. And our behavior will continue to rely on the ease and common sense that these advancements will affect our communication experiences. This is why it’s critical to get to a cloud-native product that was born and raised exactly for a situation like this.

Learn more about PureCloud compliance on our website.