Non-technical question, more about data protection on a global system.
My customer is trying to expand their global UCCE environment which currently covers EMEA and APAC, so that it also covers USA. Technically it's possible as the Router/Logger are in the UK and the latency will be within Cisco specs and the network design will adhere to UCCE requirements. However, we are advised that storage for call data should be in the USA - yet when a call arrives, even though the CUCM, PG, Finesse and CVP components will be in USA, the calling number still be handled by the Router (UK) and will appear in Logger and AW/HDS databases, also outside of the USA.
All customer recording, analysis, CRM data etc will all be in USA to comply with Personal Information regulations in USA, however does the phone number being handled and stored in UK breach the USA regulations ?
I just wonder if anyone on here has deployed a global system including the USA, and has had to consider this.
If it does break the regulations, then we may consider a separate cluster in USA, then transfer calls between EU and USA as and when required.
No, you will not be be breaching any kind of US regulation. Security requirements for Cisco CCE solutions reflect the requirements of the standards such as GDPR (which is UK law), US Sarbanes-Oxley, and HIPPA to name a few.
This article doesn't explicitly say what you're looking for, but it's a general idea: https://www.cisco.com/c/en/us/products/collateral/customer-collaboration/unified-contact-center-enterprise/white-paper-c11-740413.html
Working for a large Cisco partner, we've done plenty of global call centers where the Central Controller/Distributor were in EMEA, AP, LATAM, or NA and have US numbers were stored. This obviously depends on the country, and with the UK, you won't have that problem. Where as a country like India, you would have to go through the TRAI regulations... rules are different there.
While what @Omar Deen says is correct about the phone number and US regulations, I've had US customers who consider phone numbers part of PII and thus treat is with a lot of sensitivity. So, what you really should be doing is figuring out your business security measures and comparing them to the country you will be servicing. Additionally, if you pass any data into a PV, it will also be written in the HDS.