A licensee’s information security program shall be designed to:
- (1) Ensure the security and confidentiality of customer information;
- (2) Protect against any anticipated threats or hazards to the security or integrity of the information; and
- (3) Protect against unauthorized access to or use of the information that could result in substantial harm or inconvenience to any customer.
Statutory/Other Authority
ORS 731.244
Statutes/Other Implemented
ORS 746.240 & 746.670
History
ID 2-2003, f. & cert. ef. 3-17-03