Based on the findings from their recent survey, Metrigy has authored a new report: What UC&C Leaders Need to Know About Compliance. The report explores emerging UC&C challenges, the potential regulatory and business risks of non-compliance, and how the right solutions help organizations keep their teams collaborative and their customers’ data secure.
What unified communications & collaboration leaders need to know about compliance
Understand emerging unified communications and collaboration (UC&C) compliance challenges and the regulatory and reputational risks of non-compliance with this data-led report from Metrigy.
What UC&C Leaders Need to Know About Compliance
Explore emerging unified communications and collaboration challenges, the risks of non-compliance, and how the right solutions can help mitigate those risks
Metrigy’s survey found that approximately 30% of respondents have approached compliance challenges by blocking access to emerging communications and collaboration applications and features—despite the availability of solutions that allow employees to use these platforms compliantly, while keeping data secure.
UC&C, business, and IT leaders are operating in an increasingly complex landscape and must often manage myriad challenges, including emerging technologies, growing threats to customer and business data, and adherence to elaborate regulations. Metrigy’s report investigates a range of these risks and challenges, including:
- Organizational need for scale and reliability
- The continually evolving application landscape
- The need for a unified inbox/view
- The ongoing rise of generative AI
- Non-compliance from employees’ off-channel communications
- The need for simplified, consolidated data retention
- Increasing demand for data insights
Increasingly complex regulations
While not all firms are subject to all regulations, UC&C leaders must be aware of the regulations that apply to their organizations and the compliance risks that may affect their operations. If mishandled, they could experience non-compliance risks such as enforcement actions, fines, data leaks, reputational damage, and legal action.
Regulations that firms may be subject to include:
- The Dodd Frank Act: Implemented in response to the 2008 financial crisis, this series of reforms intends to increase financial stability and consumer protections as well as recordkeeping related to communications and trading activities.
- The General Data Protection Regulation Act (GDPR): This far-reaching regulation protects the personal data of EU citizens by mandating clear consent for the regulated usage of that data. It governs the collection, storage, and access of the personal data of EU citizens, but affects any organization that has EU customers or website visitors. Organizations that violate the GDPR may be subject to high financial penalties.
- The California Consumer Privacy Act (CCPA): Like the GDPR, the CCPA is designed to protect the data privacy of California residents by giving them ownership over how their personal information is handled by businesses. Since its introduction, the CCPA has been enforced with several high-profile, multimillion-dollar fines. Additionally, the California Privacy Rights Act (CPRA) amendment to the CCPA introduced legislation that grants Californian consumers the right to correct inaccurate personal data, and to limit the usage and disclosure of sensitive personal information.
- The Health Insurance Portability and Accountability Act (HIPAA): These regulations govern how organizations are allowed to capture and use people’s health information. HIPAA most commonly applies to healthcare providers, insurance companies, and U.S.-based data clearinghouses.
While communications compliance concerns are most acute among regulated industries like financial services, all companies have need to ensure their communications data is secure and auditable in accordance with operating law, and to avoid risks such as data loss. Legislation such as the Department of Justice (DOJ) Evaluation of Corporate Compliance Programs (ECCP) have expanded expectations around effective compliance, data capture, and data and risk management to apply to businesses outside of traditionally regulated industries.
