Due to the basic nature of the maintenance business, customer data often consists of sensitive information, such as the customer’s contact information, door codes, contracts and historical data. This is all the more reason for why maintenance companies should always take special care when processing customer data. Special care should also be taken to make sure the processing is always appropriate and properly planned.
Customer data is usually stored electronically, but in some companies, data is also stored in handwritten or printed form in office folders. Previously, it was much more common to write down future maintenance requests first on a piece of paper, and then directly call the free maintenance man. However, today there are easier and more secure solutions for this with the help of an electronic work control system.
Maintenance companies must use customer data in as much detail as possible every day, so that the nature of work requests and preliminary information can be recorded as accurately as possible for maintenance tasks.
Below, we list five practical tips on how service companies can pay better attention to the processing of customer data.
1. Printing gig information on paper?
In keeping to the old formula, many maintenance workers may still print out the day’s maintenance tasks on paper and take them with them to work gigs. Printing customer information on paper and taking it out of the office is a big security risk. Papers cannot be secured with passwords, and if they are lost, anyone has access to the sensitive data that could be on them, which could be used to obtain information about e.g. door codes and security locks.
With an electronic work control system, work tasks are transferred during the worker’s journey on his own mobile phone. Customer data remains secret from outsiders, as access to it would require the password for the device and the application itself.
2. Who has the right to view and edit customer data?
It is good to think internally about who and what kind of rights are given to different employees. For example, who has access and editing rights to the data of all customers? Does a maintenance man working in one area need to see the information of customers in another area, and vice versa? The work control system can be used to limit user rights. In addition, the user IDs for the system must be invalidated for old employees.
3. Service station conversations
In smaller service companies, the service person may answer calls directly from the customer, for example when working the night shift. The maintenance guy should take into account what kind of things he asks the customer and repeats out loud in a public place. For example, contact information and door codes should always be written down in a safe place where there are no other people around who could listen to the conversation. The same rules also apply to your company’s subcontractors.
4. Processes and operating instructions for processing personal data?
Service companies should think about the company’s internal operating models for the safe handling of customer data. Do the personnel in key positions receive enough instructions for the secure handling of customer data? How often should staff change passwords and are passwords in a secure place and not just on a piece of paper on the desk? Do you send attachments related to the customer’s personal data via secure email, or do you share sensitive things such as passwords and contracts with two separate emails, for example, so that the username and password pairs are not sent to the same email for security reasons? Subcontractors must also take every precaution possible and treat customer data confidentially.
5. New operating methods for managing customer data
If you do not have an electronic work control system in use, it may be a good idea to consider purchasing one as customer data would then be kept safely on reliable and encrypted servers; access to them always requiring a password. If you already use electronic time tracking, it is a good idea to consider a reliable service provider that stores customer data properly, safely and in accordance with all rules. Together with the service provider, it is good to think who has access to sensitive data, how well and where the data is protected and how to optimize the safe use of that data. It is also advisable to check the contracts and chains of contracts related to the processing of personal data between the service provider and your company.
Data integrity is currently one of the most important aspects of security for all companies. Data breaches and other threats related to information security have increased tremendously in recent years. Every company can become the target of a data breach. Due to the sensitivity of customer data at service companies, in terms of security and the company’s reputation, the information ending up in the hands of outsiders would put a lot of hindrance on the company’s operations. It is good to remember that laws also govern the processing of personal data, and for example the GDPR implemented in all EU countries defines precise operating instructions and requirements for personal data controllers.
You can also read more about our VALPAS work control system.
Read more about VALPAS or consider booking an online demo to discuss more about our electronic work control system. We will be happy to answer all your questions.