Requirements and Best Practices for Managing a Contact Center for a Federal Agency
Contact centers operated and managed by federal agencies have to follow certain laws, regulations, policies, and other directives. Unless specifically noted, contact centers operated and managed by states or local governments do not have to comply with these same requirements.
Review the requirements and best practices for federal websites if your federal contact center offers information and services via websites.
Access for People with Disabilities (Section 508)
Federal contact centers must comply with Section 508 of the Rehabilitation Act of 1973. Review the requirements and the accompanying guidance to ensure your contact center makes services accessible to individuals with disabilities.
Find out how Text Telephones/Telecommunications Devices for the Deaf (TTY/TDD) enable agencies to extend services to people who are deaf, hard-of-hearing, or speech impaired.
McNamara O'Hara Service Contract Act (SCA)
You need to comply with the McNamara-O'Hara Service Contract Act (SCA) if your agency obtains contractor support for its contact center. The SCA requires payment of existing wage rates and fringe benefits to service employees on contracts that provide services to the federal government.
You should review the following laws and regulations that protect the public’s privacy when interacting with government to ensure your contact center is compliant:
- Privacy Act of 1974
- Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules
- OMB Circular A-130, App 1
Federal Information Systems Security Management
Review Title III of the E-Government Act, entitled the Federal Information Security Management Act (FISMA) (PDF, 61 KB, 16 pages, December 2002) and the FISMA Implementation Project to ensure your contact center is in compliance with the law.
Federal contact centers must comply with laws and directives that protect information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction in order to protect the integrity, confidentiality and availability of the information and information systems.