Trillium Insights

Thoughts and Insights from Trillium's Practice Leaders

Why Should I Care About the Customer Experience Our Company Provides?

Why Should I Care About the Customer Experience Our Company Provides?

In New Media‘s 2018 “Serial Switcher” report, it reveals that poor customer service is costing businesses more than $78 billion annually.  That is an increase of over $12 billion from their last report in 2016.

The report states that “The number of U.S. consumers who reported leaving a business due to an inadequate customer experience increased from 49 to 67 percent” between 2016 and 2018.

The key reasons for people leaving are:

  1. Customers not being able to speak to a person that can provide them with a solution to their problem
  2. Customers experience unhelpful/rude customer service personnel
  3. Customers not feeling appreciated
  4. Customers being passed around from person to person
  5. Customers are being put on hold for an extended period of time

When the customer experienced poor customer service, 39% said they would not use the company again and 28% said they would post an online review.  These numbers will likely continue to increase as our economy becomes more service-based.

Brenda Dunn Kinney, Trillium Solutions Group’s Senior Vice President of Customer Experience believes that “If you are building a great brand and desire to have a value exchange with your customer. The organizations listening mechanisms need to be able to act immediately to your customer needs.” The NewVoiceMedia survey was focused on end consumers (B2C) as opposed to B2B businesses, but Brenda also believes that “B2B business are behaving in a similar way and are more frequently re-evaluating supplier and service contracts based on the service they are receiving.”  

There are positive implications on a company that focuses on their customer’s experience.   The NewVoiceMedia survey has some very positive things to say about companies that focus on their customer’s experience. If a company provided good customer service, “65 percent of customers would recommend the company to others” and “48 percent of customers would spend more money”. 

In the age of digital transformation, the customer experience your company provides will make the difference between the success or failure of your business.  


A Customer Experience Recovery During a Major Power Outage

A Customer Experience Recovery During a Major Power Outage

As the result of a recent storm our power went out.  It was a bad storm that knocked out service for hundreds of thousands of people in Chicago.  Our power provider suggested that customers use their mobile app to report the power outage and to check back to see the status of the outage.  Periodically, my wife and I would check the mobile app to see if there was any updated status, and we continued to see a notice saying that the outage was widespread and that no restore time was available.  After 20 hours without power and no help from the mobile app, I decided to give our power provider a call.   I sat on hold for over 45 minutes, and finally was connected to a live agent.

After she introduced herself, I asked her how busy her day was going, and she calmly told me that she had been working hard all evening.  Her demeanor was calm and polite.  I informed her that the reason for my call was that the mobile app status was not providing any useful information.   She expressed her disappointment about the delay in the mobile app being updated and proceeded to tell me that our outage was affecting a number of homes in our community.  She said, based on her years of experience with the power provider, that even though our specific outage was not on the repair schedule yet, she anticipated that our power would be restored within 2 hours and that if it was not, that I should call back and they would be in a better position to give me more accurate information.  I thanked her and told her that she was an outstanding agent and what a difference her approach and attitude made during a very stressful time.  She politely thanked me and asked if there was anything else she could do.

I was concerned for the food that was in the refrigerator and the freezer and that the temperature in our house was continuing to drop, but I felt confident that what the representative told me was accurate.  Less than 2 hours later our power was restored.

Polite and informed customer experience agents can make all the difference to a company’s brand.  A negative experience can often lead to churn which impacts the bottom line of your business.  It is crucial that your agents have the tools and processes in place to support your customers.  Your business depends on it.

Maintaining Data Privacy in the Contact Center

Maintaining Data Privacy in the Contact Center

Most of us have interacted with a contact center and heard the phrase “This call may be recorded for quality or training purposes”.  GDPR and some of the new US-based state-wide privacy regulation have an impact on the policies and business process for call centers.  One of the main changes is the justification of the contact center to record the call.   Contact centers can no longer justify recording the call for training or quality purposes.  To be able to record the conversation, the organization must meet one of the following reasons:

  • The people involved in the call have given consent for the call to be recorded
  • Recording is required for regulatory or legal reasons
  • Recording is necessary to fulfill a contract
  • Recording is necessary to protect the vital interests of one or more participants
  • Recording is in the legitimate interests of the recorder, unless those interests are overridden by the interests of the participants in the call
  • Recording is in the public interest, or necessary for the exercise of official authority


This has necessitated organizations develop an effective recording policy for its employees.  In order to do this an organization must do the following:

  • Identify all of the recording devices that the organization uses.  This includes, phone, online meeting applications (Zoom, Skype for Business, GoToMeeting, etc.)
  • Identify all of the parties that will be covered by the policies.  This includes both employees, 3rd party contractors and BPO organizations
  • Develop a recording, retention and destruction policy to ensure recordings are created, managed, and disposed of in accordance with applicable regulatory record-keeping requirements and business needs. This should include who has recording authority and under what circumstances. It also should include the controls to ensure adherence to the policy
  • Provide education on established policies
  • Execute the controls to ensure adherence to the policy.

The penalties associated with failing to meet regulatory compliance can be high.  Take the steps necessary to ensure that your contact center is well positioned to be successful with new data privacy regulations.

Increased Cybersecurity and Data Privacy Requirements

Increased Cybersecurity and Data Privacy Requirements

On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) went into effect.  GDPR is the legal set of guidelines for the collection and processing of personal information within the European Union (EU.)   GDPR rules impacts organization that offer goods and services to people in the EU or collect and analyze personal data tied to EU residents.  In the United States, several states are implementing laws similar to GDPR.  Among the most aggressive states to establish such laws are New York and California. 

The New York Law, Cybersecurity Requirements for Financial Services Companies, relates to information maintained by organizations that operate in the banking, insurance, or financial services industries.  It was passed in March 2017 and has staggered effective dates for various aspects of the law, ending with all parts needing to be in full effect by March 2019.  The California Law, the California Consumer Privacy Act of 2018, is a broad, sweeping law concerning digital privacy, allowing consumers significant control over their online personal information.  It was passed in June 2018 and has an effective date of January 2020.  While there are different requirements in each law, both laws require policies, processes, and systems to support the secure management of online Personally Identifiable Information (PII) by companies.  Some of the requirements for maintenance of PII include:

  • Documented cybersecurity programs to protect information systems from intrusion
  • Documented cybersecurity policies related to information security, including data governance and classification; asset inventory and device management; access controls and identity management; business continuity and disaster recovery; systems operations and availability concerns; systems and network security; systems and network monitoring; systems and application development and quality assurance; physical security and environmental controls; customer data privacy; vendor and third-party service provider management; risk assessment; and, incident response.
  • Annual penetration testing and bi-annual vulnerability assessments
  • Audit trail of transactions to reconstruct activities and transactions
  • Limited access to data as needed and review of access privileges
  • Documented procedures, guidelines, and standards for secure application development
  • Periodic risk assessments along with documentation on risk mitigation)
  • Documented third-party service provider policies including limitation to nonpublic data
  • Multi-factor authentication to limit unauthorized access to PII
  • Documented policies and procedures for disposal of PII
  • Training on cybersecurity awareness, and risk-based policies, procedures, and controls to monitor authorized user activities and detect unauthorized user access to PII
  • Implementation of controls on PII to protect such data, including encryption
  • Documented incident response plans in the event of a breach
  • Notices to appropriate authorities in the event of cybersecurity breaches
  • Disclosure of PII as well as use of that information to consumer on request
  • Disclosure of PII that is sold by business on consumer request
  • Deletion of PII collected by business on request of consumer along with appropriate methods to do so
  • Consumer opt out of business sale of PII along with appropriate methods to do so

US companies can be assessed financial penalties both by states and consumers for violations.  Therefore, it is critical that your organization’s PII is protected.  Many US companies are already familiar with data privacy, because of Health Insurance Portability and Accountability Act (HIPAA) data rules for Protected Health Information (PHI,) so the new data privacy laws are not a new concept.  These new PII laws will likely be introduced by other states in the near future.  Trillium has significant experience in privacy and cybersecurity and can perform the analysis on your systems to determine what may be needed to bring your organization into compliance as well as to create the roadmap you will need.