Statutes, codes, and regulations
Iowa Administrative Code
Agency 191 - INSURANCE DIVISIONINSURANCE COVERAGE FOR PEDIATRIC PREVENTIVE SERVICES
Chapter 90 - FINANCIAL AND HEALTH INFORMATION REGULATION
Rule 191-90.37 - Information security program

Iowa Admin. Code r. 191-90.37

Download
PDF
Current through Register Vol. 46, No. 21, April 17, 2024
Rule 191-90.37 - Information security program
(1) Each licensee shall implement a comprehensive written information security program that includes administrative, technical and physical safeguards for the protection of customer information. The administrative, technical and physical safeguards included in the information security program shall be appropriate to the size and complexity of the licensee and the nature and scope of the licensee's activities.
(2) A licensee's information security program shall be designed to:
a. Ensure the security and confidentiality of customer information;
b. Protect against any anticipated threats or hazards to the security or integrity of the information; and
c. Protect against unauthorized access to or use of the information that could result in substantial harm or inconvenience to any customer.

Iowa Admin. Code r. 191-90.37

Adopted by IAB March 20, 2024/Volume XLVI, Number 19, effective 4/24/2024