Oregon Administrative Rules
Chapter 836 - DEPARTMENT OF CONSUMER AND BUSINESS SERVICES, INSURANCE REGULATION
Division 81 - TRADE PRACTICES - GENERAL PROVISIONS
Section 836-081-0111 - Information Security Program

Universal Citation: OR Admin Rules 836-081-0111

Current through Register Vol. 63, No. 9, September 1, 2024

(1) Each licensee shall implement a comprehensive written information security program that includes administrative, technical and physical safeguards for the protection of customer information. The administrative, technical and physical safeguards included in the information security program shall be appropriate to the size and complexity of the licensee and the nature and scope of its activities.

(2) If a licensee is domiciled in another jurisdiction or subject to the primary jurisdiction of a different functional regulator, and the statutes and rules administered by its domiciliary regulator or primary functional regulator establish standards for protecting the security of consumer information that are substantially similar to those established by OAR 836-081-0101 to 836-081-0126, then good faith compliance with those standards to the satisfaction of the licensee's primary regulator shall constitute compliance with OAR 836-081-0101 to 836-081-0126.

Stat. Auth.: ORS 731.244

Stats. Implemented: ORS 746.240, ORS 746.670

Disclaimer: These regulations may not be the most recent version. Oregon may have more current or accurate information. We make no warranties or guarantees about the accuracy, completeness, or adequacy of the information contained on this site or the information linked to on the state site. Please check official sources.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.