The FCC reminded telecommunications carriers and VOIP providers to that their Customer Proprietary Network Information (CPNI) certifications are due this March. This certification involves carriers and providers dedication to their customers’ privacy. Here’s why this certification is so important.
Most businesses, and even some consumers, invest heavily in security to make sure their information stays private. But what about your phone calls?
That’s where the CPNI rules come in. The FCC requires all telecommunications carriers and interconnected VOIP providers file their annual reports certifying compliance by March 1st of each year. Failure to do so will cost carriers and providers up to $207,314.00 for each violation or each day of a continuing violation. These fines cap at just over 2 million dollars.
CPNI is the data that is collected by these providers and carriers and includes information such as time, date and duration of calls and other information that is available on a consumer’s telecom invoice. The United States Telecommunications Act of 1996 granted the FCC the authority to regulate how CPNI can and can’t be used and further rulings were made in the 2007 FCC CPNI Order to restrict CPNI use.
The 2007 CPNI order rules update:
1. The information that providers can give to third-party marketing firms without the permission of their customers is limited.
2. Call details shared with customer service representatives were defined as to when and how they can be shared.
3. New obligations for carriers were created such as identity verification procedures like account PINs and the verification process must match the information on file with the carrier.
The FCC is responsible to implement and enforce the CPNI rules.
Carriers are required to inform law enforcement and customers when a customer’s CPNI has been breached. With the introduction of online accessibility to accounts, carriers must require password protection for online accounts. Carriers are also required to notify consumers of any changes to their accounts as soon as they occur. Lastly, the FCC requires providers to provide annual updates to consumers with the number of CPNI complaints they’ve received as well as the action they have taken to remedy them.
However, there are still a lot of ways carriers and providers can give out private information without the consumer’s knowledge. Carriers are technically allowed to share CPNI with any of their affiliates, parent companies, or subsidiaries. This means they can share the websites visited, location of devices, use of apps, and more. Although rulings in 2013 have worked to protect consumer’s cellular device information. The problem then lies with the permissions consumers allow applications to use that gives away all of the information to third-parties.
Security is a huge issue, especially in the workplace, read more about the pros and cons of BYOD here and here. A Verify! analysis will give you the security and control your business needs when it comes to critical information on devices, all at a price that makes sense for your business. Our dedicated and experienced analysts provide you with an inventory of accounts and cost-cutting recommendations so you can focus on what matters to you, your employees, and your shareholders. Call us today to get started. And best of all, if we can’t find any savings we won’t send you an invoice. Guaranteed.