Data Privacy & Protection
AEP collects a lot of personal data from customers, employees and business partners. When they share information with us, they expect that we are taking every step possible to protect it. We take that responsibility seriously. AEP’s PII (personally identifiable information) Data Protection Program seeks to protect and secure the personal data we hold related to customers, employees and contractors.
This includes several protective measures such as blocking outbound emails containing unencrypted PII, monitoring employee access to PII, encrypting PII data when the data is “at rest” (not being used actively), and implementing a PII asset certification process. Every year we ask data owners to confirm that the PII in their possession is necessary for business and that it is properly protected. Removing unnecessary or duplicate information is an important step in protecting our customers and others, and for reducing the risk of a loss of PII data.
We launched a Personal Data Portal, which allows PII to be securely transferred into AEP. This includes information that was previously transmitted via email or telephone. In 2017, we also created a management position dedicated to data protection and privacy. This position sits within the Enterprise Security organization to strengthen our commitment to protecting both AEP’s sensitive corporate data and the privacy of our customers, employees and business partners.
While AEP collects significant amounts of data, we take appropriate steps to protect the privacy of all the data we collect.