47 CFR 64.2005 - Data security.

§ 64.2005 Data security.

(a) A telecommunications carrier must take reasonable measures to protect customer PI from unauthorized use, disclosure, or access.

(b) The security measures taken by a telecommunications carrier to implement the requirement set forth in this section must appropriately take into account each of the following factors:

(1) The nature and scope of the telecommunications carrier's activities;

(2) The sensitivity of the data it collects;

(3) The size of the telecommunications carrier; and

(4) Technical feasibility.

(c) A telecommunications carrier may employ any lawful security measures that allow it to implement the requirement set forth in this section.

[ 81 FR 87343, Dec. 2, 2016]
The section you are viewing is cited by the following CFR sections.