PayTel Vision 

PCI & GDPR: The Ramifications of Non-Compliance

August 9, 2017

Taking telephone payments forms the lifeblood of many businesses. It’s so vital that sometimes organisations just gallop ahead and take payments in any way that suits them.


Their eagerness to bring money in means they often overlook potentially devastating security flaws within their own organisations. Such flaws can finish a business, whether through a fine it cannot afford to pay or through the destruction of its reputation. The threat is very real.


Increasingly we see stories in the media detailing large-scale security breaches, but seldom do we hear about smaller enterprises that fall foul of a breach, and who are wiped out as a result of it. Unfortunately, they do exist. If larger organisations can easily slip up due to sloppy security, so can smaller ones.


In October 2016, TalkTalk was fined £400,000 by the Information Commissioner's Office (ICO) after attackers accessed the personal details of nearly 157,000 of its customers. The ICO found the breach was simply the result of poor security on a legacy web system.


In November 2016, around 20,000 Tesco Bank customers had money taken from their accounts. Had the forthcoming GDPR, which allows fines of up to 4% of global annual turnover, been in force at the time, Tesco Bank could have faced a fine of as much as £1.9 billion.


In 2014, Yahoo suffered one of several breaches in its history, this one affecting a gargantuan 500 million user accounts. After the breach was disclosed, Verizon cut $350 million from the price it paid to acquire Yahoo.


In 2011, the Sony PlayStation Network suffered a breach affecting 77 million users. Sony was fined £250,000 by the ICO.


In 2010, hard drives containing sensitive patient information from Brighton & Sussex University Hospitals NHS Trust ended up for sale on eBay. The Trust was fined £325,000 by the ICO in 2012.


From 25 May 2018, when the new General Data Protection Regulation (GDPR) comes into force, things get tougher still. The PCI DSS, already extremely stringent, also continues to tighten with each new version of the standard.


Businesses now face a much greater burden to protect their customers' data, and themselves, because the penalties for non-compliance are too severe to risk. In short, their payment processes must comply with the PCI DSS so that cardholder data is secure at all times.


But it's not that simple! Many businesses face an uphill struggle to achieve PCI DSS compliance. Faced with an evolving standard of 12 requirements, broken down into hundreds of sub-requirements and testing procedures, the process of compliance is both time-consuming and costly. So, even though non-compliance exposes them to the heavy fines discussed above, many businesses feel they have no choice but to accept that risk.


But why not shift the burden of PCI compliance on to us? Using the PCI DSS Level 1 compliant products and tools we provide, from 24-hour fully automated payment lines, through live debt collection services, to fully integrated call-centre products, you can decouple your contact centre and agents from the rigours of the PCI DSS and keep all your customers' card data out of your environment.


For a cost-effective answer that secures the future of your business, just give us a call on 0333 202 1555 or email us. We'll be happy to answer any questions you have.



Tags: Telephone payment secure
