From my experience in government, both as a customer and as a public servant, I've discovered that when addressing emails from citizens, government agencies often treat email as surface mail rather than as a phone call.
This means that citizens who choose an electronic communications route can often expect response times measured in weeks or months, rather than in minutes or hours.
Personally I find this unacceptable.
In asking why this was the case I have been told that government cannot discriminate based on mode of contact. That we cannot respond faster to customers choosing to use email rather than surface mail - even though a wait of even a few minutes is considered unacceptable for phone calls.
I have also been told by some departments (by phone or via their websites) that they cannot respond by email at all. That to protect my privacy they must send messages via surface mail - that post is more secure, more convenient or more official - even if I am happy to accept the risks and choose to email them.
I saw a similar situation in the private sector five years ago. Companies were unsure whether to treat emails as a postal medium or a a telephonic one.
They did not have a clear understanding of how email worked technically and did not trust its reliability or security (compared to other mediums).
They did not have staff trained or processes in place to handle a high-speed written medium.
Fortunately, at least in the private sector, many organisations are now more mature in their understanding and application of email.
Treat email as a phone call, not as a letter
My solution to ensuring emailing customers get the right level of respect and service in both public and private organisations has remained the same - treat emails as phone calls.
Email is perceived by the community as a nearly instant form of communication, like the telephone or face-to-face.
None of us would let a phone ring for a month before answering it, so why subject customers choosing email to this?
Address security and privacy concerns in a positive manner
Email is often treated with suspicion by organisations, due to perceived security issues in how it is transmitted from place to place and the concern that it is easy to intercept.
However people have adopted email regardless of perceived risks due to its benefits - high speed and low cost with a fast response time. Today, throughout western countries, people send many times more emails, often of a personal nature, than they make phone calls.
Given that government organisations have a greater obligation to protect citizen information than do our customers themselves, how can this be addressed?
I have a three point plan I have successfully used in organisations (including my current agency) to begin to address these concerns.
Three steps to better customer service (by email)
1. Formally assess the risks of email alongside telephony and surface mail
Many organisations have a defacto email security policy, one that has grown from personal opinions, interpretations and often from misunderstandings about the medium rather than through an objective and formal risk assessment process.
This is easy to address - get the legal, technical and customer service people together in a room and assess the risks of each form of customer contact.
It is particularly important to assess relative risk, for example:
- Are the security risks of email greater than for mail, fax, telephony or face-to-face?
- Is postal mail guaranteed to be delivered?
- Is it easier to steal letters from a mailbox than emails from a computer?
- If people choose VOIP telephony, is this treated as email for security purposes?
- Can different levels of privacy be enforced for different mediums/security levels?
Consider different scenarios, for example:
- Are privacy considerations different when the customer initiates (email) communication (with personal information).
- Can customers explicitly provide permission to receive responses (by email) for a set period (even if done by phone or signed fax/letter), accepting responsibility for security?
Consider organisational capability, for example:
- Are staff adequately trained to respond to emails?
Just because people are good on the phone doesn't mean they are good at writing emails! An appropriate etiquette level may have to be taught.
- Is the organisation appropriately resourced to address emails in a timely fashion?
International benchmarks indicate that optimally emails should be addressed in less than four hours, with two days the maximum timeframe people are prepared to wait for adequate service. Can your organisation achieve this - and if not, what mitigations does it put in place to communicate this to customers (who will email anyway!)
Assess customer expectations, for example:
- What do customers expect in terms of privacy in email and other mediums?
- Do they expect the same detail level in responses?
- How fast a response do they expect?
- Do they expect organisations to answer as much as they can can and then refer the customer to another channel?
Out of this it becomes possible to correctly understand the medium's characteristics, the real risks, what customers expect and then determine the mitigations which diminish, remove or defer any critical risks.
2. Change internal policies that do not reflect law
Often side-effect from not having conducted a formal risk assessment, internal email policies may not always reflect the current laws of the land (policy is often stricter).
Once a formal risk assessment has been conducted, you should review and rewrite internal policies on customer communications to reflect the risk assessment outcomes.
These policies should include details on when and how a customer can choose to accept the risks and take ownership of the security of the process.
If you find that there are no written policies, write them down and communicate them widely. They should include the background and 'myth-busters' as well as the code of (email) conduct.
3. Review laws to meet community expectations
Sometimes it's the actual laws themselves which are out-of-step with community sentiment and concerns.
Laws are living things, frequently being amended and adjusted to address new situations and changes in social norms.
Privacy and security laws are no different to other laws in this and require regular review to match citizen expectations - there is no 'right' level of privacy, it is dictated by public opinion.
As such, if your customer sentiment reflects a different view and acceptance of (email) security than do Australia's laws, feed this information back into the policy process.
Change is possible, and it will allow your organisation to provide better customer service as a result.