Representatives of a company that has offshored some Utah state government contract work tried Tuesday to assuage legislators' fears about information security at an India call center.
Cheryl Campbell and Kim Jones of eFunds told the Utah Technology Commission that work at the India center is subject to myriad confidentiality laws and company policies.
"We would be out of business if we were to take these concerns lightly," said Campbell, the company's vice president of government solutions.
Concerns about how Utahns' information is protected cropped up during the commission's April meeting as members voiced concerns about privacy issues when work is done in a foreign country.
EFunds' call center in India handles calls about the Utah Department of Workforce Services electronic Horizons welfare benefits cards as part of its $8 million contract with the department. It handles about 6,500 calls monthly that are advanced from an automated call system. EFunds is in the second year of a five-year contract with the state.
The workers in India are provided with "a very limited data set" to handle the incoming calls, Campbell said. For example, they are not given information about why the caller is eligible for benefits in the first place, she said.
Call center workers are not provided with Social Security numbers or addresses but have access to the name, date of birth, card number and case number, plus the amount in the cardholder's balance.
Disputes about the balance are referred back to a case worker.
"We've designed our applications security in a way that the call center agent only sees that information necessary to handle the calls," she said.
Campbell and Jones said employees are subject to re-employment screening, get security training and sign a document saying they will maintain confidentiality regarding the information they handle.
The workers in India "are eFunds employees, eFunds associates, at eFunds facilities that just happen to be located in a different geographical space," said Jones, the company's director of corporate and information technology security. "They are the same as my eFunds employees in Wisconsin, in Phoenix, in Australia, in Toronto and in the U.K."
Laws regarding information breaches abound, they said, and Campbell said any workers found to be involved in such breaches would be fired.
But Jones said his 18 months at the company have been clean.
"We have not had an issue of customer data being exposed, an employee utilizing that data in an improper fashion, or any compromise of our data in any form or any fashion during that tenure," he said.
EFunds is considered a financial institution, in part because companies, including Visa, rely on them for processing work.
"Major financial institutions, networks as well as governments rely on us to provide a secure environment," Campbell said.
Jones said the company, which has 14 locations in five countries, has an array of both physical and network security in place and even uses a third-party vendor to try to break into the fund networks.
"From an overall protection standpoint, we take a very, very serious and stringent look at maintaining the protections and controls within all of our environments globally," Jones said.
Campbell said eFunds needed to move work offshore in order to remain competitive in the industry.
A workforce services official in April said eFunds is willing to renegotiate its contract to move the call center work back to the United States but that it would cost $63,000 more per year. Having state employees handle the work would cost significantly more, he said.
EFunds' willingness to move the Utah contract work was not discussed by the commission Tuesday.
E-mail: bwallace@desnews.com