The Revised FTC Safeguards Rule requires that your information security program meet these three objectives:
Ensure the privacy, security and confidentiality of customer information.
Protect against any anticipated threats or hazards to the security and/or integrity of customer information.
Protect against unauthorized access to or use of customer information that could result in substantial harm or inconvenience to any customer.
Eight required elements of the FTC Safeguards Rule