(1) Each licensee shall implement a comprehensive written information security program that includes administrative, technical, and physical safeguards for the protection of customer information.
    (2) The administrative, technical, and physical safeguards included in the information security program shall be appropriate to the size and complexity of the licensee and the nature and scope of its activities.
Rulemaking Authority 624.308(1), 626.9651 FS. Law Implemented 624.307(1), 626.9651 FS. History-New 12-8-02, Formerly 4-128.032, 69B-128.032.