CPNI and PII - Protecting Customer Information- Article no 1637

BOLT provides built-in, intuitive measures to assist you with protecting CPNI / PII information.

When validation is required, the Account Security Validation button and associated buttons / tabs / tasks are highlighted in yellow and locked
In order to discuss / change and unlock protected information, the customer must:
- Authenticate two (2) security questions or the CPNI PIN and 1 security question before discussing or changing CPNI and PII-protected information; customers cannot opt-out of CPNI verification
  - All CPNI PINs are 6 digits; some customers may state less than 6 digits (i.e. 2753)
  - When a customer provides a PIN with less than 6 digits, add preceding 0's (zeros) to bring the PIN to 6 digits (i.e. 002753)
  - Note: the account PIN is found on customer bill statements under the address; it does not display in BOLT
When security information is correctly validated, the tabs and buttons unlock; the protected areas turn blue
- The information remains unlocked until you leave the account
- Accounts linked by Transfer are also open for the duration of contact
If answers do not match, BOLT displays the correct security answers in blue
An exact match may not immediately be reached because of spelling, abbreviations, more words, etc. (i.e. NYC = New York City)
Even though security answers are spelled differently or abbreviated, the answers may indeed be the same; also, uppercase / lowercase letters do not matter
If you determine the customer's answers are correct, type OR copy and paste the answer from the right into the proper field on the left, click Submit and Close
Note: If one tab or button is locked, ALL tabs and buttons are locked; do not make multiple attempts to unlock them if customer cannot verify CPNI
On accounts that have never had security questions set up (or if they were changed back to THIS QUESTION NOT ANSWERED YET), BOLT displays the same message on every tab or button saying Security Validation is not possible
- Present CPNI validation options as normal; keep in mind, the Services, General Ledger, Camps/Special Pricing, MOP/Pymnt Hist and Collections Tabs are viewable without verification
Please see a member of your leadership team with questions or if you need assistance determining if answers match

Introduction

Protecting Customer Information

Taking care of our customers is part of our mission statement, which includes keeping their information safe

Validating the customer before discussing certain information is critical and required in maintaining account security

Before making any changes to, or discussing protected information, you must fully authenticate the caller

CPNI and PII Information

CPNI: Congress and the FCC created rules that telecommunications companies must follow to protect customer privacy on anything related to voice service, called CPNI (Customer Proprietary Network Information; all phone service-related information is CPNI-protected information and includes, but is not limited to:
- Request to disconnect phone service
  - Exception: you may discuss any phone-related information a customer provides to you
  - Example: customer states they made a call to Thailand on June 1, 2017, and wants to know the cost of the call
  - You are permitted to confirm the call was made on that date, since the customer provided that information; however, you cannot provide the cost of the call - or any other information - without verifying CPNI, first
PII (Personally Identifiable Information) is protected the same as CPNI
- This information that, when used alone or with other relevant data, can be used to confirm an individual's identity
- Cable, Data, Email and Home Security information that is PII-protected is highlighted yellow in BOLT and is covered under the same rules:
  - Wi-Fi Password Information or changes
    - Example of CPNI notifications we send to customers
    - Please Note: CPNI is verified at Local Offices, where available; some markets are not staffed for this service, while other markets do not have a Local Office at all. Please see Local Office Information for full details

Resolution Steps

Expand All | Collapse All

CPNI / PII Verification Steps

Steps 1 through 6 must be followed for every customer

Customer must answer two (2) Security Questions OR provide their CPNI PIN and answer one (1) Security Question

If customer cannot verify, advise them to access their Selfcare account where they can add / change their security questions immediately

Note: if they are not yet registered, you may provide the 13-digit account number for set-up

If customer is unable to access selfcare, send a CPNI letter to the Preferred Email Address on file; email address must be on record for at least 30 days prior to the date of this request
If no Preferred Email Address exists, or has been on record less than 30 days, the letter is mailed USPS

Direct customer to go to the local office with current photo ID; provide hours of operation and address

Escalation path for concerned customers with Astound Home Phone Service

If customer has Astound Home Phone Service, put the customer on hold and call Global Support (Help)

Lead puts agent on hold and calls the customer on their Astound home phone line in the account

Lead speaks to the customer, sets up security questions and prior to hanging up, advises customer they are going back to the agent

Lead IM's the agent to let them know customer is setup and that they can proceed with asking security questions

Agent refreshes their screen or exits / re-enters account to verify security questions and proceed with call

Escalation path for concerned customers without Astound Home Phone Service

Call Global Support via conference with the customer and agent

Lead verifies the last payment made; customer must provide exact last payment amount and correct method of payment

Lead verifies last 4 digits of social security number (when available on the account)

Lead then sets up security questions and releases customer back to the agent

Agent asks security questions and continues with the call

If customer is unable to complete all escalation requirements, revert to sending a CPNI letter or customer can present a valid state photo ID at a local office

Outsource Partners Escalation Process: follow your site specific Escalation Path for Account Verification

Send a CPNI Letter in BOLT

In the customer's account, click on button: Send CPNI Letter

Preferred Email Address is in the account: CPNI letter is emailed to the Preferred Email Address on file

CPNI letters are emailed within 10 minutes

Have the customer check their spam and junk mail if they state they have not received it

No Preferred Email Address on file: CPNI letter is sent via USPS to the Service Address, or Billing Address if one is on file

Please allow up to 6 days for delivery

Example of CPNI Letter

Account number and unique pin is provided in the letter; see Letter Follow-up Instructions below

If the need is urgent a customer can authenticate in person at our local office with a valid ID (Exceptions: site 91 / 92 and areas that do not have a local office)

Send a CPNI Letter in ICOMS (BOLT Unavailable)

Special Request Order [SR] screen with order type SRO

One Time Charges [OT] screen

Internet Only and Email Only	RMLPIND
Cable or CI Package	RMLPINC
Landline and Mobile Phone, CP, IP or CPI Package	RMLPINT
Home Security	RMLPINH

Check the Office Only box and hit Enter twice

Work Order Check In screen

Click the Completed radio button, enter your employee number in the Installer field and hit Enter twice to complete the order

A CPNI letter is emailed within 10 minutes when a preferred email address is on file

Have the customer check their spam and junk files if they state they did not receive it

Without a Preferred Email Address, the CPNI letter is sent via US Mail to the Service Address, or Billing Address if one is on file; allow up to 6 days for delivery

If the need is urgent a customer can authenticate in person at our local office with a valid ID

Customer CPNI Email / Letter Follow-up Instructions

CPNI Email Sent: customers click on the first link in the email to set up CPNI and answer security questions

CPNI Letter Mailed via USPS: customers visit https://my.astound.com/forgot_password to set up CPNI, answer security questions and confirm their Preferred Email Address

Missing CPNI Letter

Without a preferred email address on file, a CPNI letter is sent via US Mail to the Service Address or Billing Address, if there is one on file

If more than 6 days have passed since the CPNI Letter was mailed, send another CPNI letter (see steps above)

CPNI Break / Breach

A CPNI Break or Breach happens when CPNI-protected information; may have been made accessible to people or organizations who should not have the information

Immediately report all CPNI procedural breaks and breaches by filling out this form

Customer reports someone without access to their CPNI PIN has information about their phone usage

Law Enforcement reports that Astound property containing customer phone records was recovered in the course of their duty

Missing CPNI PIN

New CPNI PINs may take up to 24 hours to generate

They are auto-populated once daily

New installs, for example, do not have a PIN generated until this script runs

Install orders taken after 6:00pm ET are not updated with a PIN until the next evening

If the CPNI PIN is missing from the account after 24 hours, create a Service Now Ticket to have another CPNI PIN generated

Request to Change CPNI PIN

Authenticate two (2) Security Questions OR CPNI PIN and one (1) Security Question before discussing or changing any applicable CPNI and PII-protected information; customers cannot opt-out of CPNI verification

Once fully verified, create a Service Now Ticket to have another CPNI PIN generated