OATI Prepared for DOE’s Smart Grid Voluntary Code of Conduct

Open Access Technology International, Inc. (OATI) comprehensive internal controls exceed standards in the Department of Energy’s (DOE) voluntary Data Privacy and Smart Grid code of conduct.

Minneapolis, MN: February 10, 2015 – OATI maintains a comprehensive set of internal controls related to the DOE’s voluntary Data Privacy and Smart Grid Code of Conduct. OATI continuously monitors and tracks the development of various industry standards to ensure continuous adoption and implementation of industry “best practices.” As a result, OATI annual examinations now include SSAE 16 (formerly SAS 70), ISAE 3402, North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP), National Institute of Standards and Technology (NIST), WebTrust for Certificate Authorities (CAs), and North American Energy Standard Board (NAESB) Wholesale Electric Quadrant-012 (WEQ) Public Key Infrastructure (PKI) standards.

OATI has tracked the United States DOE’s efforts in developing Data Privacy and the Smart Grid: A Voluntary Code of Conduct (VCC). In conjunction with the Federal Smart Grid Task Force and others, the DOE held a series of workshops related to Smart Grid Privacy. These workshops shaped the VCC for utilities and third parties utilizing multi-stakeholder input. The VCC was released for public comment on September 12, 2014. The comment period remained open until October 14, 2014 and responses were considered for incorporation into the VCC. The final version of the VCC was completed on January 08, 2015 and announced by President Barack Obama on January 12, 2015.

The VCC provides a series of guidelines for safeguarding the privacy of customer data. The purpose of the VCC is to:

(1) encourage innovation while appropriately protecting the privacy and confidentiality of Customer Data and providing reliable, affordable electric and energy-related services;
(2) provide customers with appropriate access to their own Customer Data; and
(3) not infringe on or supersede any law, regulation, or governance by any applicable federal, state, or local regulatory authority.

Key aspects of the VCC include customer notice and awareness, customer choice and consent, data access, data integrity and security, and self-enforcement and redress.

Adoption of the VCC will add to an already extensive list of standards that OATI adheres to on a voluntary basis. As the premier Software as a Service (SaaS) provider to more than 1,800 customers in North American Energy Industry, OATI is committed to maintaining the highest standards of data security and confidentiality.

Conformance with industry standards helps support OATI’s innovative software solutions that simplify, streamline, and empower the operational tasks required in today’s energy commerce and Smart Grid. OATI successfully deploys large, complicated, and diverse mission-critical applications committed to industry standards and stringent NERC CIP guidelines. The OATI Data Center Infrastructure, from the base architecture of the campus Data Center, advanced security and monitoring capabilities, and the OATI Cloud, creates a reliable and stable environment to house OATI customers’ mission-critical applications and data.

OATI ( is a leading provider of Smart Grid, Energy Trading and Risk Management, Transmission Scheduling, Congestion Management, and Market Management products and services. OATI is headquartered in Minneapolis, Minnesota, with an office in Redwood City, California. For more information, please contact