Presentation is loading. Please wait.

Presentation is loading. Please wait.

Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C.

Published byAmberlynn Warner Modified over 6 years ago

Similar presentations

Presentation on theme: "Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C."— Presentation transcript:

1 Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C.
CPNI? Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C.

2 Summary Background Basics of CPNI Customer-facing Compliance
Marketing and Sales Compliance Recordkeeping Requirements Breach Notifications Questions Try to get you out of here in 30 minutes

3 VoIP Regulation by the Federal Communications Commission
It’s not 2006 anymore—offering voice services to the public is not a hobby E911 FUSF CALEA CPNI VoIP Subscriber Reporting- Form 477 Various Federal Regulatory Fees Besides FUSF Outage reporting Handicap accessibility certification State USF and other requirements

4 Fines by the FCC Enforcement Bureau Regarding CPNI aka Scare Marketing
Take a look at Enforcement Bureau Annual Reminder to File CPNI certification statement $25,000 for failure to file CPNI certifications $1,000 to $6,000 for non-compliant CPNI statements In September, Verizon fined $7.6 million for CPNI marketing violations

5 CPNI- What is it? Fine, what does it even stand for?
Customer Proprietary Network Information… Huh? Information regarding to whom, where, when, how long a customer places or receives a call- CDRs The types of service offerings to which the customer subscribes The extent to which a customer uses a service CPNI does not consist of subscriber list information; customer name, address and phone number; or aggregate customer information

6 How Can Voxox Become Compliant
Need 3 things Certification of compliance due March 1 every year Retail providers must certify that they have not had any CPNI breaches and otherwise properly guard the data In 2009, proposed penalties of $20K to more than 700 companies for failure to file on time CPNI Manual Employee Training- sit here for ½ hour

7 Customer-facing Compliance
Must Have Procedures In Place to Protect CPNI, usually call detail records Password or code to obtain access, otherwise upon a request must it to the address on record Online access must be password-protected For access, form in Appendix 4, page 31 Business/Enterprise Customer Exception

8 Customer-facing Compliance
The Company may use, disclose, or permit access to CPNI, without customer approval: To provide inside wiring installation, maintenance, and repair services. For the provision of customer Premises Equipment and call answering, voice mail or messaging, voice storage and retrieval services, fax store and forward, and protocol conversion. To protect the rights or property of the Company, or to protect users of services and other carriers from fraudulent, abusive, or unlawful use of, or subscription to, such services. To initiate, render, bill and collect for services.

9 Marketing and Sales Compliance
The Company may use, disclose, or permit access to aggregate customer information The Company cannot use, disclose or permit access to CPNI to identify or track customers that call competing service providers. The Company must obtain opt-in consent to share CPNI with a joint venture partner for purposes of a marketing communication Opt-out consent is not permissible Just ask Verizon

10 Marketing and Sales Compliance
Opt-in versus Opt-out Opt-out Permissible: marketing Communications-Related Services to a customer Not Permissible (must be opt-in): For the purpose of marketing non-communications-related services to a customer. To obtain approval to disclose the customer's CPNI to joint venture partners or independent contractors. Just ask Verizon Opt-in All is Permissible

11 Marketing and Sales Compliance
Ok, how do we get there? Company must notify the customer of the customer’s right to restrict use, disclosure , and access to, the customer’s CPNI. For notice requirements, see page of the manual Appendix 3 on page 30 has an opt-out form Any Use of CPNI for any reason must be run by the appointed personnel in Section 2 of the manual

12 Recordkeeping The Company must maintain records for a year of:
its own sales and marketing campaigns that use CPNI all instances where it discloses or provides CPNI to third parties, or where third parties are allowed access to CPNI. customer approval for use of CPNI, as well as notices required by the FCC’s regulations, for a minimum of one year. The Company must maintain records of customer approval and disapproval for use of CPNI in a readily-available location that is consulted on an as-needed basis.

13 Recordkeeping The Company may obtain approval through written, oral or electronic methods. If the Company relies on oral approval, it bears the burden of demonstrating that such approval has been given in compliance with the FCC’s regulations. A customer’s approval or disapproval to use, disclose, or permit access to CPNI must remain in effect until the customer revokes or limits such approval or disapproval. Complaints log on Appendix 5, page 32

14 Notification The Company will take reasonable steps to protect CPNI databases from hackers and other unauthorized attempts by third parties to access CPNI Must notify law enforcement USSS and FBI within 7 business days Must notify customers 7 business days AFTER May be told to hold for an extra 30 days Must notify FCC after 5 days Must retain these records for 2 years

15 Ostriches Don’t Really Put Their Heads in the Sand, Only People Do
Kris Twomey Law Office of Kristopher E. Twomey, P.C.

Download ppt "Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C."

Similar presentations

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.

HIPAA Privacy Practices. Notice A copy of the current DMH Notice must be posted at each service site where persons seeking DMH services will be able to.
Customer Proprietary Network Information (“CPNI”)

Customer Proprietary Network Information (“CPNI”)
Consumer Action Protect Your Phone Records Protect Your Phone Records.

Consumer Action Protect Your Phone Records Protect Your Phone Records.
HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.

HIPAA: An Overview of Transaction, Privacy and Security Regulations Training for Providers and Staff.
Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.

Independent Contractor Orientation HIPAA What Is HIPAA? Health Insurance Portability and Accountability Act of 1996 The Health Insurance Portability.
HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.

HIPAA Privacy Training. 2 HIPAA Background Health Insurance Portability and Accountability Act of 1996 Copyright 2010 MHM Resources LLC.
Confidentiality and HIPAA

Confidentiality and HIPAA
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.

Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.

WHAT IS HIPAA? The Health Insurance Portability and Accountability Act of 1996 (HIPAA) provides certain protections for any of your health information.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
The FTC Do Not Call Registry Training

The FTC Do Not Call Registry Training
CALEA Compliance in 2006 H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006.

CALEA Compliance in 2006 H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006.
Head in the Sand? Regulatory Requirements and Pitfalls for VoIP Providers in the U.S. Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C.

Head in the Sand? Regulatory Requirements and Pitfalls for VoIP Providers in the U.S. Prepared by Kris Twomey Law Office of Kristopher E. Twomey, P.C.
Upcoming Regulatory Filing Obligations for VoIP Providers Presented by Kris Twomey Law Office of Kristopher E. Twomey, P.C. FISPA-Sponsored Webinar January.

Upcoming Regulatory Filing Obligations for VoIP Providers Presented by Kris Twomey Law Office of Kristopher E. Twomey, P.C. FISPA-Sponsored Webinar January.
ROLES & RESPONSIBILITIES PRIVACY ACT (PA) SYSTEMS OF RECORDS MANAGERS.

ROLES & RESPONSIBILITIES PRIVACY ACT (PA) SYSTEMS OF RECORDS MANAGERS.
Outside Business Activities and Selling Away

Outside Business Activities and Selling Away
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.

FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT Electronic Signatures This work is the intellectual property of the author. Permission is granted for this material.
INTERNET and CODE OF CONDUCT

INTERNET and CODE OF CONDUCT
Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Data Protection Paul Veysey & Bethan Walsh. Introduction Data Protection is about protecting people by responsibly managing their data in ways they expect.

Similar presentations

Ads by Google