A licensee shall: (1) Exercise due diligence in selecting its third-party service provider. (2) Require a third-party service provider to implement appropriate administrative, technical and physical measures to protect and secure the information systems and nonpublic information that are accessible to, or held by, the third-party service provider.
‹ Prev All Pennsylvania sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.