CPNI Operating Procedures
STATEMENT OF CPNI OPERATING PROCEDURES
1. It is the policy of NITCO (the “Company”) not to use, disclose, or permit access to Customer Proprietary Network Information (“CPNI”), as defined in the FCC’s rules, for any purposes other than the following, all of which are permitted without customer approval under FCC rules:
a. For the purpose of providing or marketing Company service offerings among categories of service (i.e. local, interexchange) to which the customer already subscribes.
b. For the purpose of providing inside wiring installation, maintenance, and repair services.
c. For the purpose of marketing “adjunct-to-basic” services, such as speed dialing, computer-provided directory assistance, call monitoring, call tracing, call blocking, call return, repeat dialing, call tracking, call waiting, caller I.D., call forwarding, and certain centrex features.
d. For the purpose of protecting the rights or property of the Company, or to protect users of its services and other carriers from fraud, abusive, or unlawful use of or subscription to such services.
2. The Company has established a program to inform and train personnel that they may not use, disclose, or permit access to CPNI for any purpose other than those set forth above. At present, the Company does not engage in outbound marketing using CPNI. The Company has an express disciplinary process in place to discipline violations of its CPNI policy.
3. Because the Company does not use, disclose or permit access to CPNI, except as described above, by definition, it does not need to maintain a record of sales and marketing campaigns that use customers’ CPNI, or of instances where CPNI is disclosed to third parties, or where third parties were allowed access to CPNI.
4. Because the Company does not use CPNI except as described above, the Company does not utilize a notification and customer approval process (i.e., an Opt-Out or Opt-In process). If the Company changes its marketing procedures, an appropriate customer notification process will be instituted.
5. With respect to customers’ online access to their billing and other information, the company does not provide online access to any CPNI until the customer requesting such access provides a password that has been established by the customer without the use of readily available biographical information or account information.
6. Customers who contact the Company via inbound calls are not able to access their call detail information. If, in the future, the Company decides to convey call detail information to customers seeking such information via inbound calling, then the Company will take measures to secure the customer information with proper authentication, including the use of passwords and other methods that comply with FCC rules to protect call detail information.
7. Customers who present themselves at the Company’s retail location and who request CPNI are asked for proper photographic identification (i.e., state issued driver’s license or the equivalent). CPNI will be disclosed only if the customer presents valid photo ID matching the customer’s account information.
8. The Company will notify the customer immediately if the customer’s address of record is created (except at the time of service initiation) or changed. This notification is made by mail to the customer’s pre-existing address of record, and does not reveal the changed information.
9. In the event of any breach of a customer’s CPNI as described in section 64.2011 of the FCC rules, the Company will, as soon as practicable and in all events within seven (7) days of determination of the breach, notify law enforcement through htm://www.fcc.gov/eb/cpni, and subsequently notify the customer(s), in accordance with the procedures and in the sequence prescribed by that role section. The Company will maintain a record of any such breaches and notifications for at least two (2) years.
10. The Company has in place a supervisory review process regarding compliance with its CPNI policy