A licensee shall: (1) Exercise due diligence in selecting its third-party service provider. (2) Require a third-party service provider to implement appropriate administrative, technical and physical measures to protect and secure the information systems and nonpublic information that are accessible to, or held by, the third-party service provider. Cross References. Section 4515 is referred to in sections 4514, 4516, 4521, 4532, 4536 of this title.
Pennsylvania Legal Code