According to the FCC, “Each year, all telecommunications employees who have access to consumer data must undergo CPNI training to ensure they properly handle the information they have at their disposal.” But what exactly does that entail? The FCC explains it like this: “Customer proprietary network information (CPNI) is the data collected by telecommunications companies regarding a consumer’s telephone calls. It includes the time, date, duration, and destination number of each call, the type of network a consumer subscribes to, and certain other information that might appear on the consumer’s telephone bill. Failure to comply with the CPNI rules, including the annual certification requirement, may subject them to enforcement action, including fines of up to $220,213 for each violation or each day of a continuing violation, up to a maximum of $2,202,123.”[1]
Many compliance companies offer annual filing as a service. However, it’s important to note that a company officer who is involved in daily operations is still required to sign the letter prior to it being filed with the FCC. For those interested in filing on their own, the FCC has provided a basic template as a guide (90168 (fcc.gov)) which may, or may not meet the needs of your company. The annual filing certifies that subscriber data (e.g., telephone numbers, number of calls made, duration, location, and timing of such calls) and the services purchased by the subscriber (call waiting and voicemail) have not been breached. It also certifies that personnel have been trained to safeguard the data and will follow the procedures in place in the event of a data breach. If you do have a data breach, you are required to report it here: https://www.cpnireporting.gov.
As previously mentioned, employee training on CPNI subject matter is an ongoing requirement. It should always be a part of employee onboarding, as well as annual training/knowledge assessments for current employees. The training, just like the filing, can be outsourced; there are several companies who provide guides & online training.
Sandy Beaches Software offers a number of tools and templates in IntegriBill to keep your company in compliance and meet the requirements of the FCC. The changes made to customer data within our system are automatically saved in IntegriBill for later creation of CPNI Letters. It allows you to pull either one specific customer or a group of customers using a customer filter or a specified date range. While the notification does not contain what was changed, it does show that something in the account(s) has been modified and that they should contact customer service if this was something they have not authorized. These letters can then be sent out with your SMTP configuration within IntegriBill.
Visit this link to ensure your company’s FCC compliance and review past filings. https://www.fcc.gov/ecfs