Metropolis is committed to protecting the privacy and security of all our partners and stakeholders. Information security and privacy are prime considerations for all activities undertaken by Metropolis.
Metropolis will secure information from unauthorised access and tampering by providing a secure electronic and physical environment where information is accessible only by authorised parties – internal and external to the organisation.
The management of all information technology systems and processes must comply with the following requirements:
- all servers hosting Metropolis metering data and network management systems – including primary and secondary production servers, back-up servers and development servers – are to be located in a secure environment in a physically separate location from operational activities and staﬀ;
- service continuity is to be protected with the availability of back-up production systems and daily data back-ups in a separate location to primary production servers;
- a business continuity plan must be maintained and periodically tested;
- all conﬁdential data must be held on systems and servers within the borders of Australia;
- conﬁdential data may not be transmitted, carried or held – directly or indirectly – outside of Australia;
- physical and remote access to production and back-up systems must be tightly controlled and restricted to authorised information technology personnel;
- all information technology systems, including work stations and emails must be password protected.
- all conﬁdential data must be encrypted when held in storage or transmitted;
- no services or applications hosted from a cloud computing provider’s servers (ie. cloud services) may be used – all applications and data must be hosted on controlled servers; and
- conﬁdential data must not be held or controlled by third parties or via third party systems.
Privacy The term
“Personal Information” means any information from which a person’s identity and contact details is apparent or can be reasonably ascertained.
In order to provide metering services to market participants in the National Electricity Market, Metropolis is provided with the Personal Information of electricity account holders by electricity Retailers for the purpose of installing, maintaining, testing and repairing metering installations.
Metropolis may request updated personal information from the current electricity Retailer for a connection point from time-to-time.
All personal information is held by Metropolis on secure servers under our direct control and located in Australia.
Metropolis treats all Personal Information as confidential and does not share Personal Information it holds with third party agencies except as required by law or in the performance of our duties under the National Electricity Rules.