A licensee's information security program shall be designed to:
- (1) Ensure the security and confidentiality of customer information;
- (2) Protect against any anticipated threats or hazards to the security or integrity of the information; and
- (3) Protect against unauthorized access to or use of the information that could result in substantial harm or inconvenience to any customer.
Added at 22 Ok Reg 2059, eff 7-14-05