La. Admin. Code tit. 42 § III-2811

Current through Register Vol. 50, No. 11, November 20, 2024
Section III-2811 - Protection of Communications
A. A licensee and casino operator shall:
1. monitor, control, and protect all communication and information transmitted or received by the casinos computer systems at the external and internal boundaries of those systems; and
2. employ software development techniques, architectural designs, and systems engineering principles that promote effective information security within the casinos information systems.
B. To the extent possible and practical, all network communications and storage of confidential or sensitive data shall be encrypted. At a minimum, personal patron data shall be considered confidential. Personal patron data shall include, but not be limited to, any non-public patron information collected by the casino, such as date of birth, social security number, credit card number, bank account information, and drivers license number. The importance of additional data may vary as a function of how critical that data is to the integrity of the network and/or the needs of the casino. A licensee and casino operator must assess the type of data that the network carries or stores and determine the relative sensitivity of such information. This assessment shall then serve as a guide to the types of security measures that are appropriate for the network.

La. Admin. Code tit. 42, § III-2811

Promulgated by the Department of Public Safety and Corrections, Gaming Control Board, LR 442017 (11/1/2018).
AUTHORITY NOTE: Promulgated in accordance with R.S. 27:15 and 24.