Members shall ensure that their facilities are secured and have established procedures to avoid theft and tampering including firewalls and password protection for all electronic data.