\nA licensee's information security program shall be designed to:\n(1) Ensure the security and confidentiality of customer information;\n(2) Protect against any anticipated threats or hazards to the security or integrity of the information; and\n(3) Protect against unauthorized access to or use of the information that could result in substantial harm or inconvenience to any customer. (2003-262, s. 4.)
North Carolina Legal Code