47 CFR 64.2005 - Data security.
(b) The security measures taken by a telecommunications carrier to implement the requirement set forth in this section must appropriately take into account each of the following factors:
(1) The nature and scope of the telecommunications carrier's activities;
(2) The sensitivity of the data it collects;
(3) The size of the telecommunications carrier; and
(4) Technical feasibility.
(c) A telecommunications carrier may employ any lawful security measures that allow it to implement the requirement set forth in this section.