70 likes | 236 Views
Data Privacy Procedures. Martin Mintz July 29, 2006. Agenda. Overview Definition New procedures Action Plan. Overview. Due to current market conditions, Data Privacy is a major concern in the industry New contract has specific Privacy Schedule
E N D
Data Privacy Procedures Martin Mintz July 29, 2006
Agenda • Overview • Definition • New procedures • Action Plan
Overview • Due to current market conditions, Data Privacy is a major concern in the industry • New contract has specific Privacy Schedule • Amdocs has agreed to tighten its data privacy procedures • All procedures are not nice to have but Mandatory • Failure to comply could cause significant contractual issues • It is our responsibility for everyone to comply
Privacy Definitions • Sprint Restricted Data • Information about persons or entities that Amdocs receives or derives in any manner relating to prospective, former or existing customers and employees of Sprint who are subscribers, its Affiliates, partners, suppliers and contracting parties. Sprint Restricted Data includes, without limitation, information such as names, addresses, telephone numbers, electronic addresses, social security numbers, passcodes, credit card numbers, product and service purchase and usage information, frequent flier information, account information, credit information, and demographic information • Privacy Restricted Data • a subset of Sprint Restricted Data and includes specific information that Sprint deems needs additional security beyond the provisions included in Sprint Restricted Data, such as: Credit card information, Social Security information, passcode and other data elements agreed upon by the parties as needed.
Procedures for Sprint Restricted Data • This is not business as usual • No matter what all Sprint data is sensitive and must be treated so • For all transactions on Sprint and Amdocs networks and between these networks – no change in how we operate • For any transactions that contain Sprint restricted data on external networks (e. lightbridge etc) data must be encrypted
Security Procedures • For all transactions on Sprint and Amdocs networks and between these networks – no change in how we operate • For any transactions that contain Sprint restricted data on external networks (e.g lightbridge etc) data must be encrypted • NO account information can be sent in emails to external mail accounts except Sprint accounts UNLESS replying to Sprint initiated email that contains non Sprint emails • Routine emails with Sprint with less than 25 customer accounts in – no change in process • Emails with 25+ accounts – protect document with password (word, excel) and send password in separate email of voicemail
Security Procedures • All customer information needs to be stored in a secure manner • NEVER send Sprint information to non Sprint source • Encryption on Laptops • Mandatory to use Safehouse on all Laptops • Mandatory to ensure All Sprint documentation resides within safehouse • No files or documents or logs to be stored on any laptop drive beside within safehouse