GDPR Compliant, Omni-Channel Cloud Communications For Insurance Leader
Integrated Business Communications , Automatic GDPR & PCI DSS Compliance and Cost Reduction
A leading insurance broker, established in 1980.
Hastings Insurance Brokers is a leading provider of multiple insurance products in Ireland with 6 offices selling into private, SMB and multi-national sectors. Established in 1980, the company has a track record in adopting innovative technology to deliver products more efficiently to customers.
- 65 employees in sales, administration & management
- 6 offices and expanding
- Multiple customer communications – voice, SMS & chat, requiring recording & archiving
Hastings has always sought to use best of breed technologies and the advent of GDPR led the company to consider how to use a cloud communications solution that would:
- Offer all current and future customer communication channels, including voice, video, SMS & chat, through a single cloud platform.
- Integrate all the different business units external and internal communications requirements
- Record and archive all client-facing communications for training and compliance needs within GDPR guidelines.
- Provide a PCI DSS compliant solution to collect policy payments over the phone from customers
Savings of around 20% versus legacy approach
Key Challenges To Be Met
- Too many different technology providers
Across the 6 offices, Hastings had different on-premise telephony and call recording systems. SMS and chat were also provided by different vendors. As well as the ongoing maintenance and support costs, this siloed approach had significant limitations around reporting and it was not possible to centralise all recordings.
Hastings sought to modernise the company’s approach to communications by integrating all the channels through a single solution.
- Omni-channel communications
Hastings has increasing demand for more communication channels from customers in addition to voice and SMS. Outbound SMS is used to confirm insurance contracts or provide updates with up to 3,000 messages per month. Inbound & outbound calls are increasing monthly in line with the business growth currently ongoing. In addition, Hasting receives up to 400 inbound chat enquiries directly from the company website.
Going forward, the sales team also require the ability to offer video meetings to both clients and to cover remote interviews of new staff.
With the demand for more communication channels and higher volumes, the greater the compliance headache, particularly around GDPR. Hastings needed to ensure they could easily meet compliance across all the channels they used to engage with clients and prospects.
The introduction of General Data Protection Regulation (‘GDPR’) on May 25th, 2018 represents a firm action by the EU to significantly strengthen and unify data protection for all individuals within the EU. Once GDPR comes into effect, data controllers like Hastings must be able to immediately ensure that personal data is processed lawfully, transparently and for a specific purpose. Where a company or organisation is found to have disregarded GDPR compliant procedures, they may be subject to fines of up to €20 million or 4% of their global annual turnover, whichever is the greater figure.
Specifically, Hastings is required to record all customer communications to retain a record of customer transactions and for training purposes. As a data processer, this customer data exposes Hastings to GDPR and it is extremely important to management that the data is handled correctly, removing the potential for any mishandling or data breaches.
- PCI DSS compliant payments & Core IT integration
Many Hastings clients pay for insurance policies using their bank cards over the phone which requires Hastings to meet PCI DSS compliance. In addition, payments are handled through an existing payment gateway. The ability to handle these payments and integrate with existing IT was another key consideration for Hastings when assessing cloud communication solutions.
Solgari provides customers all the digital communication channels – including voice, WebRTC video, chat, IM & SMS – while automatically addressing GDPR, PCI DSS & MiFID II compliance requirements through a per user per month SaaS model. The decision to move onto Solgari’s cloud solution allowed Hastings to satisfy their key objectives while creating cost savings by avoiding the expense and complexity of multiple vendors.
Integrating All Communication Channels
Hastings is now running all voice and SMS communications on Solgari’s cloud platform. Outbound SMS for policy updates and confirmations also include delivery receipts and number of other features such as bulk delivery.
Other communication channels such as website chat are also moving onto Solgari while video meeting capability is now available to the sales team using both Solgari Connect and Solgari Forum. These WebRTC services allow customers reach Hastings sales team straight across their own browser at no cost while also providing high quality video meeting and document sharing capability.
An internet connection is the only requirement to access all features and functionality, meaning that Hastings staff can continue to make compliant customer communications even when travelling.
The cloud-based monthly Software-as-a Service solution provides Hasting significant reporting and training capability while delivering savings of around 20% versus the legacy approach of using different, disjointed telephony, SMS, recording and carrier services across each office.
By integrating all Hastings’ client communication channels in the cloud, Solgari also automatically meets the company’s GDPR compliance needs by recording and archiving all channels in a 1024 bit encrypted military grade hosting environment. This data can be deleted as required by Hastings, as the data controller, after 5 years or as requested by the client. Only authorised Hastings administrators have access to this data removing the potential for data breaches which are strictly prohibited under GDPR.
Solgari’s cloud communications platform covers all 4 layers of ‘GDPR compliance within the transaction’ for Hastings:
- Transaction created (on voice, SMS or other Solgari communications channels)
- Transaction recorded and stored (all communications data related to the transaction is recorded and archived in Solgari’s cloud)
- Search and retrieval enabled (instantly on Solgari’s Cloud)
- Analysis enabled (word and phrase search with any audio recording for key information)
Reporting & Training
The availability of all communications data and recordings in a centralised reporting environment opens up significant data analysis capability to Hastings including reviewing time spent on calls by sales teams, searching for specific issues or trends being discussed with clients and allowing barge-in and whisper capability around staff training.
PCI DSS Compliance & Core IT Integration
As a PCI DSS compliant vendor, Solgari’s solution for Hastings includes a payment IVR that integrates with the existing payments gateway, offering an automated payment option to clients over the phone. The integration with the customer database management solution also offers further productivity enhancements to Hastings by being able to pop the details of incoming callers while leaving a link to where the related call recording is held in Solgari’s cloud.
At Hastings Insurance Brokers, we provide our customers a number of communication channels and with the advent of GDPR it was important to think carefully how we could manage the recording of this important customer data in a compliant manner. Solgari’s solution allows us to provide all the digital channels – including video and chat when we require it – while automatically addressing GDPR compliance requirement for data controllers. This is a very powerful solution for the insurance industry.
- Enda Mulchrone, General Manager, Hastings Insurance Brokers