Personal Information Privacy Protection Policy

To Protect Personal Information, including Social Security Numbers:

We may collect certain personal information, including Social Security numbers, in the course of our business. We will make what we believe to be reasonable efforts to protect the confidentiality of the personal information we collect, including Social Security numbers.

How do we protect the confidentiality of personal information, including Social Security numbers? Click here to read our Identity Theft Prevention Measures

We protect the confidentiality of the personal information we collect, including Social Security numbers, by maintaining physical, electronic, and procedural safeguards to protect its confidentiality, including:

• Limiting access to personal information, including Social Security numbers, that we collect
  


• Prohibiting unlawful disclosure of the Social Security numbers we collect
  


• Reviewing these safeguards on a regular basis
  


• Training our employees in the proper handling of personal information, including Social Security numbers; and
  


• Requiring that third parties with access to personal information, including Social Security numbers protect its confidentiality

Identity Theft Prevention Measures

1. What is Northeast Utilities doing to help to protect the confidential information of its residential and small commercial and industrial customer accounts?
   Across the Northeast Utilities system beginning on November 1, 2008, our utility companies will implement additional identity theft prevention measures to help us to safeguard our customers’ confidential account information and to ensure only authorized access.
   


2. Why are these additional protections being implemented now?
   The timing of this implementation is in advance of a Federal Trade Commission May 1, 2009, deadline for creditors and financial institutions to develop and implement written identify theft prevention programs to detect, prevent and mitigate “red flags.” A red flag is any activity that may indicate a possible attempt at identity theft related to an existing customer account or the opening of a new account.
   


3. What type of incident constitutes a “red flag”?
   Red Flags are those identity theft patterns or practices that the Company can identify, detect and prevent to protect customers and their utility accounts. One example is someone who tries to use an improper Social Security number to open or access an account. A red flag could also originate in a report from a fraud detection service, or from a law enforcement agency advising the company to beware of a particular pattern of activity.
   


4. What did Northeast Utilities’ utility companies do prior to November 1 to prevent unauthorized access to customer information?
   Northeast Utilities already has existing policies and procedures to mitigate foreseeable risks to customer and company information and to verify a caller’s identity. Northeast Utilities has a new customer service information system (C2) that enhances NU’s electric and natural gas companies’ abilities to implement these additional measures. The Program, effective November 1, 2008, builds additional safeguards into the policies and procedures that the Company already has in place to protect utility accounts.
   


5. To comply with the Program, what additional information, if any, will be required for a customer to access an existing account?
   Someone requesting account information or access will be asked additional questions regarding information about their account in order to verify their identity and their right to access the information. For security reasons, the specific measures are confidential.
   


6. Could these additional information requests mean longer hold times for callers?
   Initially that’s a possibility; however, the calls will proceed quickly as more customers are ready to provide the needed information to access their account.
   


7. What other companies are required to implement these new federal measures?
   The identity theft prevention measures are required of financial institutions and creditors servicing customer accounts involving multiple payments and transactions, including:
   
   
   
   1. Financial institutions (banks, credit unions)
   2. Finance companies
   3. Credit and debit cards issuers
   4. Mortgage brokers
   5. Telecommunications companies
   6. Utilities (water, gas, electric)
   
   
8. What additional protection does the Program provide to customers?
   The Program provides customers with the peace of mind that comes from knowing that the Company is taking appropriate measures to protect and prevent their utility accounts from unauthorized access.