191—90.37(505) Financial and Health Information Regulation
191—90.37(505) Financial and Health Information Regulation | |
---|---|
Short Title | Information Security Program |
Official Text | 191—90.37(505) Financial and Health Information Regulation |
Country/Jurisdiction | United States |
State or Province | Iowa |
Regulatory Bodies | Iowa Insurance Division |
Date Enacted | 2017/01/25 |
Scope of the Law | Insurance, Health, Financial |
Information | |
Taxonomy | |
Strategies |
This provision of the Iowa Administrative Code covers insurance companies doing business in the state. The provision sets out requirements for information security programs to protect personal information.
Text of the law
Iowa Administrative Code 191—90.37(505) Information security program.
90.37(1) Each licensee shall implement a comprehensive written information security program that includes administrative, technical and physical safeguards for the protection of customer information. The administrative, technical and physical safeguards included in the information security program shall be appropriate to the size and complexity of the licensee and the nature and scope of the licensee’s activities.
90.37(2) A licensee’s information security program shall be designed to: a. Ensure the security and confidentiality of customer information; b. Protect against any anticipated threats or hazards to the security or integrity of the information; and c. Protect against unauthorized access to or use of the information that could result in substantial harm or inconvenience to any customer.
Disclaimer: The text of this law may not be the most recent version. We make no warranties or representations about the accuracy, completeness, or adequacy of the information contained on this site. Please check official sources.