Contact centres are failing to securely store voice recordings that contain personal information including credit card numbers.
A survey carried out by call recording specialist Veritape found that 39% of contact centre managers were aware of the security rules surrounding the storage of voice messages. But only 3% are complaint with these rules.
The company interviewed 133 contact centre managers.
The Payment Card Industry Data Security Standard rules that certain credit card data must not be stored. But call centres are failing to remove information given in voice recordings.
"What we have is a global industry standard that is routinely ignored by call centres throughout the UK," said Cameron Ross, managing director of Veritape. "The storage of this actionable data creates a huge reservoir of sensitive information that is putting the financial resources of millions of people at risk. Despite clean desk policies and the use of encryption, successful hacking incidents are rising steadily."