Standards for safeguarding customer information

Ark. Code Ann. § 23-55-1102 — under Data Security for Money Services.

Ark. Code Ann. § 23-55-1102

(a) A financial institution shall develop, implement, and maintain a comprehensive information security program.

(b) The information security program under subsection (a) shall:(1) be written in one or more readily accessible parts; and(2) contain administrative, technical, and physical safeguards that are appropriate to the financial institution's size and complexity, the nature and scope of the financial institution's activities, and the sensitivity of any customer information at issue.

(1) be written in one or more readily accessible parts; and

(2) contain administrative, technical, and physical safeguards that are appropriate to the financial institution's size and complexity, the nature and scope of the financial institution's activities, and the sensitivity of any customer information at issue.

(c) The information security program shall include the information required under § 23-55-1103.