Customer Service
Grid Modernization

10 tips to secure customer data

Utilities well know that some customers are uncomfortable with utilities — or anyone for that matter — possessing fine levels of information about their lives. But more information means more benefits for everyone, customers included. Granular data means customers can better see their energy use patterns and find ways not only to save energy, but to save money.

If utilities want to implement grid modernization projects, an important first step is making customers feel secure about their data. Utilities don't have to follow model business practices for data use, and regulators are still giving leeway while they consider best practices.

So while regulators and policymakers on all levels look at ways to govern consumer data privacy, not just for electricity meters, utilities can take simple steps of their own that mirror what models released to date share at their core. Here are the Top 10 ways to help customers feel secure.

  1. Get a yes or no answer

The industry consensus is that customers must provide affirmative, written consent in order for utilities to share customer energy use data or personal customer information with third parties. Utilities should maintain a record of this consent.

  1. Limit what's released

Once customers have consented, the data provided to third parties should be limited to the scope and purpose for the consent given.

  1. Be clear on aggregation

Sharing aggregated data generally doesn't require customer consent, but what does aggregated data mean? Utilities should use clear aggregation methodologies to ensure privacy is not breached.

  1. Require a badge

Utilities can release smart-grid data to third parties without prior consent in very rare circumstances — usually to law enforcement or the like. Utilities should release only the data specifically related to the legal request or investigation.

  1. Make access easy, for customers

What is the point of all this data if customers can't use it? Customers should be able to access their data easily and in a reasonably timely manner.

  1. Make it accurate

Utilities should strive to provide data as accurately as possible, though inaccuracies are expected. Customers should have a means to dispute data inaccuracies.

  1. Keep it secure

Securing data is one of the most sensitive aspects of data privacy. Utilities must be diligent in safeguarding customer data — perform regular audits and risk assessments.

  1. Train handlers carefully

Employees handling data should be properly trained to do so. They should have access only to the data they need to perform tasks at hand and surrender all customer information upon departure from the utility. Background checks are recommended.

  1. Educate customers

Educate customers as much as possible about the utility's privacy policies, why their data may be shared, ways they can access their data, and how to file complaints.

  1. Look for liabilities

Utilities may be held liable if a third party breaches a customer's privacy, depending on their local regulations. Be sure to check local governing documents to see if potential liability is mentioned.