OAR 333-049-0130
Security


(1) All authorized users shall abide by such security policies and procedures to safeguard information in the IIS deemed necessary by the program. Such policies and procedures may include, but are not limited to, confidentiality agreements, the use of computer passwords, and user identification numbers. The program shall provide copies of the policies and procedures to all authorized users who participate in either or both the IIS or tracking and recall system.
(2) The program shall develop security standards to safeguard the information in the IIS. The standards will address, but not be limited to, the collection, transfer, storage, and processing of information in the IIS and tracking and recall system.
(3) The program shall review the security policies, procedures, and standards at least once each year and shall revise such policies, procedures, and standards as necessary.
Last Updated

Jun. 8, 2021

Rule 333-049-0130’s source at or​.us