Professional Documents
Culture Documents
I hereby state and acknowledge that I have received a copy of the CUSTOMER PROPRIETARY
NETWORK INFORMATION COMPLIANCE MANUAL (August 2007 Version), that I am
responsible for reviewing and understanding this Manual, and that I understand that any violation
of the Companys CPNI procedures may result in disciplinary action up to and including
dismissal.
__________________________________
Signature
__________________________
Date
__________________________________
Print name
WITNESSED:
CPNI COMPLIANCE OFFICER
__________________________________
Signature
__________________________
Date
__________________________________
Print name
agents, independent contractors and joint venture partners who handle the Companys
CPNI are aware of these customer privacy safeguards and comply fully with them.
It is the responsibility of all Company employees, agents, independent contractors and joint
venture partners to read and review this Manual, and to seek clarification from the Companys
CPNI Compliance Officer regarding any CPNI-related questions, before accessing, using,
disclosing or distributing CPNI in any manner and for any purpose. It is further the
responsibility of every Company employee, agent, independent contractor and joint venture
partner to comply fully with all federal CPNI requirements, and to seek clarification from the
Companys CPNI Compliance Officer any time that an access, use, disclosure or distribution of
CPNI appears to be questionable.
NOTE: Some companies may retain individuals or entities as agents, rather than as
independent contractors. In common language as well as legal analyses, there is not always a
clear dividing line between agents and independent contractors. Under basic commercial
law, an agent is a non-employee authorized to act on the behalf of the Company and bound by
a fiduciary duty to act in the Companys best interests, whereas an independent contractor is an
entity that completes a task under contract for the Company but is generally responsible to the
Company primarily for the results of its work while remaining generally free to choose its own
means and methods of performing and completing the work. The two terms are often used
interchangeably in business discussions and documents, and appear to overlap somewhat even in
more precise legal terminology.
The agent/independent contractor distinction has significance for CPNI compliance purposes.
For example, as of this time, the FCC has not restricted the provision of CPNI to third parties for
the preparation, rendering and collection of bills for telecommunications services. However, the
Communications Act specifically states that a telecommunications carrier is not prohibited from
using, disclosing, or permitting access to CPNI either directly or through its agents for billing
and several other specified purposes (e.g., protection against fraudulent, abusive or unlawful use
of services). Accordingly, to the extent the Company uses a third party for billing and collection,
the third party will be clearly designated and treated as the Companys agent for that purpose.
The FCCs rules, on the other hand, place stringent restrictions upon CPNI access, use,
disclosure and distribution to independent contractors for marketing purposes. Accordingly, to
ensure compliance with the FCCs marketing restrictions, the Company will designate and treat
any third party to which it furnishes CPNI for marketing and marketing-related uses as an
independent contractor for purposes of compliance with the CPNI marketing rules unless and
until it seeks and obtains a clear legal opinion from FCC counsel that it may do otherwise under
specific circumstances.
VoIP Services: The FCCs CPNI Rules (47 C.F.R. 64.2001 through 64.2011) apply to all
providers of telecommunications services and to all providers of interconnected Voice over
Internet Protocol (VoIP) services.
I. Customer Proprietary Network Information (CPNI)
CPNI is defined in Section 222(f) of the Communications Act as (A) information that relates
to the quantity, technical configuration, type, destination, and amount of use of a
telecommunications service subscribed to by any customer of a wireline or wireless
telecommunications carrier, and that is made available to the carrier by the customer solely
by virtue of the carrier-customer relationship; and (B) information contained in the bills
pertaining to telephone exchange service or telephone toll service received by a customer of a
carrier (except that CPNI does not include subscriber list information).
Generally, CPNI includes personal information regarding a consumers use of his or her
wireline and/or wireless telecommunications services. CPNI encompasses information such
as: (a) the telephone numbers called by a customer; (b) the telephone numbers from which a
customer receives calls; (c) the frequency, duration, timing and location of a customers
phone calls, and (d) the telecommunications and information services purchased by a
customer (including, but not limited to, local exchange, toll, cellular, PCS, paging, data
transmission, call waiting, call forwarding, call blocking, PIC freeze, three-way calling,
conference calling, voice mail, Internet access, call back, caller identification, call trace and
toll denial services).
Call detail information (also known as call records) is a category of CPNI that the FCC
had determined to be particularly sensitive from a privacy standpoint and that may be sought
by pretexters, hackers and other unauthorized entities for illegitimate purposes. Call detail
information includes any information that pertains to the transmission of a specific telephone
call to or from a specific customer, including: (a) the number called (for outbound calls); (b)
the number from which the call was placed (for inbound calls); and (c) the date, time,
location and/or duration of the call (for all calls). The FCC has imposed additional
restrictions upon the release of call detail information over the telephone unless the
requesting party can clearly authenticate himself or herself as the customer to whom the call
detail information applies.
Requests for CPNI from Competing Carriers and Other Third Parties
1. Because of the danger of unauthorized access to CPNI, the Company will not accept,
process or fulfill written or verbal requests by any third party (other than a recognized
law enforcement agency as set forth in Section VI.A above) for a customers CPNI.
This restriction encompasses requests for a customers CPNI by a competing carrier,
including a competing carrier that claims to be an existing or former customers new
carrier.
Requests for CPNI from Competing Carriers and Other Third Parties (contd)
2. A customer may request in writing that his or her CPNI be delivered to a competing
carrier or other third party. If the written request is presented by the customer in person
at the Companys business office, the Company will fulfill it if the customer presents a
drivers license, passport or other government-issued identification that verifies his or
her identity, and that lists an address that is the same as the customers address of
record (see definition above). If the written request is received via U.S. mail or other
recognized delivery service, the Company will call the customers telephone number
of record (see definition above) and/or send a notification of the customers request to
the customers address of record (see definition above) to verify the accuracy of this
request. As noted in Section VI.B.4 above, this is a sensitive area that may place the
Company in the middle of potentially conflicting FCC and statutory policies regarding
CPNI protection and telecommunications competition. Any questions or concerns
regarding the validity of a written request by a customer for delivery of CPNI to a
competing carrier or other third party must be brought immediately to the attention of
the CPNI Compliance Officer. It is the preference of the Company that in such
instances, the requested CPNI be provided directly to the customer, who is then free to
deliver it to the desired third party. However, if the customer cannot be persuaded to
follow this course, the procedures in this paragraph should be followed.
ATTACHMENT 1
SECTION 222 OF THE COMMUNICATIONS ACT
ATTACHMENT 2
FCC CPNI RULES
ATTACHMENT 3
SCRIPT AND FORM FOR
ORAL INBOUND MARKETING CPNI NOTICE
This Notice must be used to obtain a customers oral approval for use of his or her CPNI for the
duration of a single incoming call from the customer to inquire about or order new or additional
services outside of his or her existing category or package of services.
Telephone Number
Date
ATTACHMENT 4
OPT-OUT CPNI NOTICE
This Notice must be used to obtain customer approval to use CPNI for out-bound marketing
campaigns, and to provide or share CPNI with affiliates that provide communications-related
services.
The Notice may be sent to customers in a variety of ways, including by separate mail, as a bill
insert, by facsimile, or by email. The attached model Notice assumes that it will be sent by mail
or as a bill insert.
Customers must be allowed to disapprove by a method or variety of methods that impose no
additional cost upon the customer and that are available 24 hours a day. The attached model
Notice assumes that disapprovals will be made by mail, facsimile or telephone call.
Because no response by a customer to an Opt-Out Notice within 33 days after it is sent is deemed
to constitute the customers approval of the proposed CPNI use, the FCC requires the company
to take substantial measures to ensure that Opt-Out Notices are received, read and understood by
customers.
The Notice must be comprehensible to the ordinary customer, and must not be misleading. It
must be clearly legible, use sufficiently large type, and be delivered in a manner so as to be
readily apparent to the customer. If any portion of the Notice is translated into another language,
the entire Notice must be translated into that language.
If email is used to deliver an Opt-Out Notice, there are substantial additional requirements and
precautions, including: (a) customers must give their express prior approval for CPNI notices to
be sent to them via email; (b) customers must be allowed to reply directly to the email to
disapprove the proposed CPNI use; (c) email notices returned as undeliverable must be sent by
an alternative means (and the 33-day clock reset); and (d) the subject line of the email must
clearly and accurately identify its purpose.
The Notice must specify the entities that will receive the CPNI and the purpose(s) for which it
will be used.
Some examples of the proposed use to be inserted in the third paragraph:
The Company is requesting your approval to
use your CPNI to develop and market new video services for you.
allow its long distance affiliate XYZ Company to access and use your CPNI to design
and develop new toll services and packages for you.
Date________________________________
ATTACHMENT 5
OPT-IN CPNI NOTICE
This Notice must be used to obtain customer approval to provide or share CPNI with
independent contractors, joint venture partners and with affiliates that do not provide
communications-related services.
The Notice may be sent to customers in a variety of ways, including by separate mail, as a bill
insert, by facsimile, or by email. The attached model Notice assumes that it will be sent and
returned by mail or facsimile.
The Notice must be comprehensible to the ordinary customer, and must not be misleading. It
must be clearly legible, use sufficiently large type, and be delivered in a manner so as to be
readily apparent to the customer. If any portion of the Notice is translated into another language,
the entire Notice must be translated into that language.
The Notice must specify the entities that will receive the CPNI and the purpose(s) for which it
will be used.
Some examples of the proposed use to be inserted in the third paragraph:
The Company is requesting your approval to
allow its affiliate _______________ to access and use your CPNI to design and
develop new services for you.
allow its affiliate ________________ to access and use your CPNI to design and
develop new remote banking services for you.
allow its affiliates ______________________________ to access and use your CPNI
to market new services to you.
disclose and distribute your CPNI to ________________, an entity that is not related
to the Company, so that it may develop and market information service to you.
Date________________________________
ATTACHMENT 6
CUSTOMER CPNI REQUEST FORM
Customer Name____________________________________
Date__________________
ATTACHMENT 7
I hereby certify that I am an Officer of Walnut Telephone Company, Inc., and am executing this
CPNI Compliance Certificate as its agent.
I have personal knowledge that the Company and its affiliates listed on Attachment 1 have
established operating procedures that are adequate to ensure compliance with the Customer
Proprietary Network Information rules and requirements in Subpart U of Part 64 of the Federal
Communications Commissions Rules (47 C.F.R. 64.2001 through 64.2011).
The Statement Explaining How the Companys Operating Procedures Ensure Compliance With
the FCCs CPNI Rules attached as Exhibit 1 explains how the Companys operating procedures
ensure that it is in compliance with the foregoing FCC rules during the subject Calendar Year.
The Statement of Actions Taken Against Data Brokers attached as Exhibit 2 describes any
actions taken by the Company against data brokers during the subject Calendar Year.
The Summary of Customer Complaints Regarding Unauthorized Release of CPNI attached as
Exhibit 3 lists the numbers of various types of customer complaints received by the Company
during the subject Calendar Year concerning the unauthorized use of CPNI.
I am making this certification for Calendar Year __________.
_________________________________
Signature
_________________________________
Printed Name
_________________________________
Office Held
_________________________________
Date
Exhibit 1
Walnut Telephone Company, Inc.
STATEMENT EXPLAINING HOW THE COMPANYS OPERATING PROCEDURES
ENSURE COMPLIANCE WITH THE FCCS CPNI RULES
I. Customer Proprietary Network Information (CPNI)
CPNI is defined in Section 222(f) of the Communications Act as (A) information that relates
to the quantity, technical configuration, type, destination, and amount of use of a
telecommunications service subscribed to by any customer of a telecommunications carrier,
and that is made available to the carrier by the customer solely by virtue of the carriercustomer relationship; and (B) information contained in the bills pertaining to telephone
exchange service or telephone toll service received by a customer of a carrier (except that
CPNI does not include subscriber list information).
Generally, CPNI includes personal information regarding a consumers use of his or her
telecommunications services. CPNI encompasses information such as: (a) the telephone
numbers called by a consumer; (b) the telephone numbers calling a customer; (c) the time,
location and duration of a consumers outbound and inbound phone calls, and (d) the
telecommunications and information services purchased by a consumer.
Call detail information (also known as call records) is a category of CPNI that is
particularly sensitive from a privacy standpoint and that is sought by pretexters, hackers and
other unauthorized entities for illegitimate purposes. Call detail includes any information
that pertains to the transmission of a specific telephone call, including the number called (for
outbound calls), the number from which the call was placed (for inbound calls), and the date,
time, location and/or duration of the call (for all calls).
II. Use and Disclosure of CPNI Is Restricted
The Company recognizes that CPNI includes information that is personal and individually
identifiable, and that privacy concerns have led Congress and the FCC to impose restrictions
upon its use and disclosure, and upon the provision of access to it by individuals or entities
inside and outside the Company.
The Company has designated a CPNI Compliance Officer who is responsible for: (1)
communicating with the Companys attorneys and/or consultants regarding CPNI
responsibilities, requirements and restrictions; (2) supervising the training of Company
employees and agents who use or have access to CPNI; (3) supervising the use, disclosure,
distribution or access to the Companys CPNI by independent contractors and joint venture
partners; (4) maintaining records regarding the use of CPNI in marketing campaigns; and (5)
receiving, reviewing and resolving questions or issues regarding use, disclosure, distribution
or provision of access to CPNI.
Company employees and agents that may deal with CPNI have been informed that there are
substantial federal restrictions upon CPNI use, distribution and access. In order to be
authorized to use or access the Companys CPNI, employees and agents must receive training
with respect to the requirements of Section 222 of the Communications Act and the FCCs
CPNI Rules (Subpart U of Part 64 of the FCC Rules).
Before an agent, independent contractor or joint venture partner may receive or be allowed to
access or use the Companys CPNI, the agents, independent contractors or joint venture
partners agreement with the Company must contain provisions (or the Company and the
agent, independent contractor or joint venture partner must enter into an additional
confidentiality agreement which provides) that: (a) the agent, independent contractor or joint
venture partner may use the CPNI only for the purpose for which the CPNI has been
provided; (b) the agent, independent contractor or joint venture partner may not disclose or
distribute the CPNI to, or allow access to the CPNI by, any other party (unless the agent,
independent contractor or joint venture partner is expressly and specifically required to do so
by a court order); and (c) the agent, independent contractor or joint venture partner must
implement appropriate and specific safeguards acceptable to the Company to ensure the
confidentiality of the Companys CPNI.
III. Protection of CPNI
1. The Company may, after receiving an appropriate written request from a customer,
disclose or provide the customers CPNI to the customer by sending it to the customers
address or record. Any and all such customer requests: (1) must be made in writing; (2) must
include the customers correct billing name and address and telephone number; (3) must
specify exactly what type or types of CPNI must be disclosed or provided; (4) must specify
the time period for which the CPNI must be disclosed or provided; and (5) must be signed by
the customer. The Company will disclose CPNI upon affirmative written request by the
customer to any person designated by the customer, but only after the Company calls the
customers telephone number of record and/or sends a notification to the customers address
of record to verify the accuracy of this request.
2. The Company will provide a customers phone records or other CPNI to a law
enforcement agency in accordance with applicable legal requirements.
3. The Company will retain all customer passwords and shared secret question-answer
combinations in secure files that may be accessed only by authorized Company employees
who need such information in order to authenticate the identity of customers requesting call
detail information over the telephone.
4. Company employees will authenticate all telephone requests for CPNI in the same manner
whether or not the CPNI consists of call detail information. That is, Company employees
must: (a) be furnished the customers pre-established password (or correct answers to the
back-up shared secret combinations); (b) send the requested information to the customers
postal or electronic address of record (see definition above); or (c) call the customer back
at the customers telephone number of record (see definition above) with the requested
information.
5. If a customer subscribes to multiple services offered by the Company and an affiliate, the
Company is permitted to share the customers CPNI regarding such services with its affiliate.
If a customer does not subscribe to any telecommunications or non-telecommunications
services offered by an affiliate, the Company is not permitted to share the customers CPNI
with the affiliate without the customers consent pursuant to the appropriate notice and
approval procedures set forth in Sections 64.2007, 64.2008 and 64.2009 of the FCCs Rules.
6. When an existing customer calls the Company to inquire about or order new, additional or
modified services (in-bound marketing), the Company may use the customers CPNI other
than call detail CPNI to assist the customer for the duration of the customers call if the
Company provides the customer with the oral notice required by Sections 64.2008(c) and
64.2008(f) of the FCCs Rules and after the Company authenticates the customer.
The Company may disclose or release call detail information to customers during customerinitiated telephone contacts only when the customer provides a pre-established password. If
the customer does not provide a password, call detail information can be released only by
sending it to the customers address of record or by the carrier calling the customer at the
telephone number of record. If the customer is able to provide to the Company during a
customer-initiated telephone call, all of the call detail information necessary to address a
customer service issue (i.e., the telephone number called, when it was called, and, if
applicable, the amount charged for the call) without Company assistance, then the Company
may take routine customer service actions related to such information. (However, under this
circumstance, the Company may not disclose to the customer any call detail information
about the customer account other than the call detail information that the customer provides
without the customer first providing a password.)
7. The Company uses, discloses, and/or permits access to CPNI in connection with
Company-initiated marketing of services to which a customer does not already subscribe
from the Company (out-bound marketing) only pursuant to the notice and approval
procedures set forth in Sections 64.2007, 64.2008, and 64.2009 of the FCCs Rules. All
proposed out-bound marketing activities are reviewed by the Companys CPNI Compliance
Officer for compliance with the CPNI restrictions and requirements in the Communications
Act and the FCC Rules.
8. The Company maintains appropriate paper and/or electronic records that allow its
employees, independent contractors and joint venture partners to clearly establish the status
of each customers Out-out and/or Opt-In approvals (if any) prior to use of the customers
CPNI. These records include: (i) the date(s) of any and all of the customers deemed Opt-out
approvals and/or Opt-in approvals, together with the dates of any modifications or
revocations of such approvals; and (ii) the type(s) of CPNI use, access, disclosure and/or
distribution approved by the customer.
9. Before a customers CPNI can be used in an out-bound marketing activity or campaign,
the Companys records must be checked to determine the status of the customers CPNI
approval. Company employees, independent contractors and joint venture partners are
required to notify the CPNI Compliance Officer of any access, accuracy or security problems
they encounter with respect to these records.
If new, additional or extended approvals are necessary, the CPNI Compliance Officer will
determine whether the Companys Opt-Out CPNI Notice or Opt-In CPNI Notice must be
used with respect to various proposed out-bound marketing activities.
10. The CPNI Compliance Officer will maintain a record of each out-bound marketing
activity or campaign, including: (i) a description of the campaign; (ii) the specific CPNI that
was used in the campaign; (iii) the date and purpose of the campaign: and (iv) what products
and services were offered as part of the campaign. This record shall be maintained for a
minimum of one year.
11. The Companys employees and billing agents may use CPNI to initiate, render, bill and
collect for telecommunications services. The Company may obtain information from new or
existing customers that may constitute CPNI as part of applications or requests for new,
additional or modified services, and its employees and agents may use such customer
information (without further customer approval) to initiate and provide the services.
Likewise, the Companys employees and billing agents may use customer service and calling
records (without customer approval): (a) to bill customers for services rendered to them; (b)
to investigate and resolve disputes with customers regarding their bills; and (c) to pursue
legal, arbitration, or other processes to collect late or unpaid bills from customers.
12. The Companys employees and agents may use CPNI without customer approval to
protect the Companys rights or property, and to protect users and other carriers from
fraudulent, abusive or illegal use of (or subscription to) the telecommunications service from
which the CPNI is derived.
Because allegations and investigations of fraud, abuse and illegal use constitute very
sensitive matters, any access, use, disclosure or distribution of CPNI pursuant to this Section
must be expressly approved in advance and in writing by the Companys CPNI Compliance
Officer.
13. The Companys employees, agents, independent contractors and joint venture partners
may NOT use CPNI to identify or track customers who have made calls to, or received calls
from, competing carriers. Nor may the Companys employees, agents, independent
contractors or joint venture partners use or disclose CPNI for personal reasons or profit.
14. Company policy mandates that files containing CPNI be maintained in a secure manner
such that they cannot be used, accessed, disclosed or distributed by unauthorized individuals
or in an unauthorized manner.
15. Paper files containing CPNI are kept in secure areas, and may not be used, removed, or
copied in an unauthorized manner.
16. Electronic files and databases containing CPNI are maintained on computers that are not
accessible from the Internet or that are on the Companys intranet behind firewalls that are
regularly monitored and tested for effectiveness. In addition, such electronic files and
databases may be accessed only by authorized Company employees who have been provided
a currently effective strong login ID and password (which password is periodically changed).
17. Company employees, agents, independent contractors and joint venture partners are
required to notify the CPNI Compliance Officer of any access or security problems they
encounter with respect to files containing CPNI.
18. The Company may permit its customers to establish online accounts, but must require an
appropriate password to be furnished by the customer before he or she can access any CPNI
in his or her online account. Such password may NOT be based upon readily obtainable
biographical information (e.g., the customers name, mothers maiden name, social security
number or date of birth) or account information (e.g., the customers telephone number or
address).
19.
Customers may obtain an initial or replacement password: (i) if they come in person to
the Companys business office, produce a drivers license, passport or other governmentissued identification verifying their identity, and correctly answer certain questions regarding
their service and address; or (ii) if they call a specified Company telephone number from
their telephone number of record, and then wait at that number until a Company
representative calls them back and obtains correct answers to certain questions regarding
their service and address.
20. The Company will notify customers immediately of certain changes in their accounts that
may affect privacy or security matters.
a. The types of changes that require immediate notification include: (a) change or request
for change of the customers password; (b) change or request for change of the
customers address of record; (c) change or request for change of any significant element
of the customers online account; and (d) a change or request for change to the
customers responses with respect to the back-up means of authentication for lost or
forgotten passwords.
b. The notice may be provided by: (a) a Company call or voicemail to the customers
telephone number of record; (b) a Company text message to the customers telephone
number of record; or (c) a written notice mailed to the customers address of record (to
the customers prior address of record if the change includes a change in the customers
address of record).
c. The notice must identify only the general type of change and must not reveal the
changed information.
d. The Company employee or agent sending the notice must prepare and furnish to the
CPNI Compliance Officer a memorandum containing: (a) the name, address of record,
and telephone number of record of the customer notified; (b) a copy or the exact wording
of the text message, written notice, telephone message or voicemail message comprising
the notice; and (c) the date and time that the notice was sent.
21. The Company must provide an initial notice to law enforcement and a subsequent notice
to the customer if a security breach results in the disclosure of the customers CPNI to a third
party without the customers authorization.
a. As soon as practicable (and in no event more than seven (7) days) after the Company
discovers that a person (without authorization or exceeding authorization) has
intentionally gained access to, used or disclosed CPNI, the Company must provide
electronic notification of such breach to the United States Secret Service and to the
Federal Bureau of Investigation via a central reporting facility accessed through a link
maintained by the FCC at http://www.fcc.gov/eb/cpni.
22. The Company will provide customers with access to CPNI at is retail locations if the
customer presents a valid photo ID and the valid photo ID matches the name on the account.
23. The Company takes reasonable measures to discover and protect against activity that is
indicative of pretexting including requiring Company employees, agents, independent
contractors and joint venture partners to notify the CPNI Compliance Officer immediately by
voice, voicemail or email of: (a) any suspicious or unusual call requesting a customers call
detail information or other CPNI (including a call where the caller furnishes an incorrect
password or incorrect answer to one or both of the shared secret question-answer
combinations); (b) any suspicious or unusual attempt by an individual to change a customers
password or account information (including providing inadequate or inappropriate
identification or incorrect address or record, telephone number of record or other
significant service information); (c) any and all discovered instances where access to the
Companys electronic files or databases containing passwords or CPNI was denied due to the
provision of incorrect logins and/or passwords; and (d) any complaint by a customer of
unauthorized or inappropriate use or disclosure of his or her CPNI. The CPNI Compliance
Officer will request further information in writing, and investigate or supervise the
investigation of, any incident or group of incidents that reasonably appear to entail
pretexting.
Exhibit 2
Walnut Telephone Company, Inc.
STATEMENT OF ACTIONS TAKEN AGAINST DATA BROKERS
A. During Calendar Year ____, the Company has instituted the following proceeding, or
filed the following petitions, against data brokers before the Federal Communications
Commission:
NONE
B. During Calendar Year ____, the Company has instituted the following proceeding, or
filed the following petitions, against data brokers before the [STATE] Public Service [or
Utility] Commission:
NONE
C. During Calendar Year ____, the Company has instituted the following proceeding, or
filed the following petitions, against data brokers before the [NAME OF COURT]:
NONE
Exhibit 3
Walnut Telephone Company, Inc.
SUMMARY OF CUSTOMER COMPLAINTS
REGARDING UNAUTHORIZED RELEASE OF CPNI
A. During Calendar Year ____, the Company has received the following number of customer
complaints related to unauthorized access to, or disclosure of, CPNI due to improper access
by Company employees:
NONE [OR: LIST NUMBER]
B. During Calendar Year ____, the Company has received the following number of customer
complaints related to unauthorized access to, or disclosure of, CPNI due to improper
disclosure to individuals not authorized to receive the information:
NONE [OR: LIST NUMBER]
C. During Calendar Year ____, the Company has received the following number of customer
complaints related to unauthorized access to, or disclosure of, CPNI due to improper access
to online information by individuals not authorized to view the information:
NONE [OR: LIST NUMBER]
D. During Calendar Year ____, the Company has become aware of the following processes that
pretexters are using to attempt to access its CPNI:
NONE [OR: LIST PROCESSES AND DESCRIBE WHAT COUNTER-STEPS THE
COMPANY HAS TAKEN TO PROTECT ITS CPNI]