- (1) Exercise due diligence in selecting its third-party service provider.
- (2) Require a third-party service provider to implement appropriate administrative, technical and physical measures to protect and secure the information systems and nonpublic information that are accessible to, or held by, the third-party service provider.
A licensee shall:
Cross References. Section 4515 is referred to in sections 4514, 4516, 4521, 4532, 4536 of this title.