TITLE 50: INSURANCE
CHAPTER I: DEPARTMENT OF INSURANCE SUBCHAPTER tt: INSURANCE INFORMATION AND PRIVACY PROTECTION
PART 4003 STANDARDS FOR SAFEGUARDING CUSTOMER INFORMATION
SECTION 4003.70 ASSESS RISK
CHAPTER I: DEPARTMENT OF INSURANCE SUBCHAPTER tt: INSURANCE INFORMATION AND PRIVACY PROTECTION
PART 4003 STANDARDS FOR SAFEGUARDING CUSTOMER INFORMATION
SECTION 4003.70 ASSESS RISK
Section 4003.70 Assess Risk
The licensee:
a) Identifies reasonably foreseeable internal or external threats that could result in unauthorized disclosure, misuse, alteration or destruction of customer information or customer information systems;
b) Assesses the likelihood and potential damage of these threats, taking into consideration the sensitivity of customer information; and
c) Assesses the sufficiency of policies, procedures, customer information systems and other safeguards in place to control risks.