Washington State House of Representatives Office of Program Research |
BILL ANALYSIS |
Technology, Energy & Communications Committee | |
HB 2102
This analysis was prepared by non-partisan legislative staff for the use of legislative members in
their deliberations. This analysis is not a part of the legislation nor does it constitute a
statement of legislative intent.
Brief Description: Regarding records retained by communications providers.
Sponsors: Representatives Morris and Hudgins.
Brief Summary of Bill |
|
Hearing Date: 2/16/07
Staff: Kara Durbin (786-7133).
Background:
Radio communications service companies provide radio communications, radio paging, or
cellular communications service to their customers. Voice-over-Internet-Protocol service
companies provide voice communications over internet telephony.
The Washington Utilities and Transportation Commission does not regulate radio
communications service providers or voice-over-Internet-Protocol providers.
Summary of Bill:
When a covered entity substantially upgrades or replaces their billing or records management
system, the system must be capable of verifying which persons or persons have had access to
customer profile data.
A customer may request release of all customer profile data pertaining to the customer, including
the identity of any individual or entity, internal or external, who has had access to the requesting
customer's records. The customer may request a copy of their records once per year without
charge. The customer may be charged for any subsequent requests. Any customer profile data
collected by a covered entity must be retained and remain accessible for at least two years.
After reviewing his or her customer profile data, a customer must be given an opportunity to:
(1) Contest the accuracy, completeness, timeliness, relevance, or dissemination of his or her
customer profile data;
(2) Correct or amend the customer profile data; and
(3) Request removal or destruction of the customer profile data, unless removal or destruction
would be contrary to federal or state law.
A covered entity must implement adequate security measures to protect customer profile data
and customer records from unauthorized access, loss, or tampering. These security measures
should be consistent with industry best standards that are commensurate with the sensitivity and
amount of customer information being stored on the system.
A covered entity is defined as a radio communications service company or an internet protocol-enabled voice provider.
Appropriation: None.
Fiscal Note: Not requested.
Effective Date: The bill takes effect 90 days after adjournment of session in which bill is passed.