Can I use third-party customer service tools that collect personal information in Arizona? What are the requirements?

Based on the additional context documents provided, there are several laws and regulations in Arizona that govern the collection and use of personal information by third-party customer service tools.

Notification Requirements for Obtaining Customer Approval for Limited One-Time Use of CPNI for Inbound and Outbound Customer Telephone Contact [AZAC Title 14, Chapter 2, Article 21, Section 7, R14-2-2107]

If you are using third-party customer service tools that collect personal information in Arizona, you must comply with the notification requirements for obtaining customer approval for limited one-time use of CPNI for inbound and outbound customer telephone contact. A telecommunications carrier may use oral notice to obtain limited, one-time use of CPNI for inbound and outbound customer telephone contacts for the duration of the call, regardless of whether telecommunications carriers use opt-out or opt-in approval based on the nature of the contact. ^[2.1]

Customer Information Security Program [AZAC Title 20, Chapter 6, Article 21, Section 2, R20-6-2102]

A licensee shall implement a comprehensive written customer information security program that includes administrative, technical, and physical safeguards for the protection of customer information. The administrative, technical, and physical safeguards included in the information security program shall be appropriate to the size and complexity of the licensee and the nature and scope of its activities. ^[4.1]

Verification of Customer Opt-Out Approval to Use CPNI [AZAC Title 14, Chapter 2, Article 21, Section 8, R14-2-2108]

If you are using third-party customer service tools that collect personal information in Arizona, you must comply with the verification requirements for customer opt-out approval to use CPNI. Verification of a customer’s opt-out approval must be obtained within one year. Verification of the customer’s approval may be obtained through written, oral, or electronic methods. All verification methods shall be conducted in the same languages that were used in the initial notification. ^[2.2]

Authorized third party commercial driver license examiners; requirements [AZRS 28-5101.03]

If you are a third party commercial driver license examiner authorized in Arizona, you must comply with all quality control requirements prescribed by the department. ^[5.2]

Objectives of Customer Information Security Program [R20-6-2103, AZAC Title 20, Chapter 6, Article 21, Section 3]

Your customer information security program shall be designed to ensure the security and confidentiality of customer information, protect against any anticipated threats or hazards to the security or integrity of the information, and protect against unauthorized access to or use of the information. ^[4.2]

Please note that this response is based solely on the context documents provided. If you have additional questions or concerns, you should consult with a legal professional.

Source(s):

• [2.1] Information Requirements for Customer CPNI Opt-In Notice
• [4.1] Customer Information Security Program
• [2.2] Verification of Customer Opt-Out Approval to Use CPNI
• [5.2] Authorized third party commercial driver license examiners; requirements
• [4.2] Objectives of Customer Information Security Program

Jurisdiction

Arizona

• Privacy