Think of it this way: most BPO firms are based in the United States. That being said, these companies are American entities, answerable to the federal law. For example, if you are a credit card user who found out that your card was used fraudulently, you can ask your service provider about the unauthorized services. If it turns out that the unauthorized use was performed by an agent at a BPO firm utilized by your credit card provider, then you can sue both entities. You have the potential to get settlement from both organizations. This means that the two organizations are held liable in case your personal information is compromised. This will ensure that they will both strive to safeguard your information.
Aside from the looming threats of litigation, BPO firms ensure your security by imposing stringent security measures. They have secure work stations with monitored network access. All data are encrypted and stored in secure databases. Agents are not allowed to bring storage devices, cameras, mobile phones or other related gadgets on the floor. Biometric scanners and proximity sensors are utilized in each office to ensure that only authorized personnel have access to the floor. Finally, all these measures are looked over by someone in security who sits in front of a monitor with live CCTV streaming of whatever is happening on all the floors.
Given all the things mentioned above, we can confidently conclude that BPO firms will try their utmost to protect your data. If the information leaks out, then you can sue both your service provider and the BPO firm.