The bill amends Section 564.3 of the Oklahoma Statutes to clarify the data security standards applicable to dealer management system providers and their interactions with motor vehicle dealers and authorized integrators. Key provisions include the requirement for dealer management system providers to condition access to protected dealer data on compliance with "commercially reasonable data security standards." Additionally, it mandates that authorized integrators must obtain express written authorization from dealers before accessing or transmitting protected dealer data. The bill also prohibits dealer management system providers from imposing access fees or restrictions that limit a dealer's or integrator's ability to manage their protected data.

Furthermore, the bill outlines the liabilities and indemnifications related to the handling of protected dealer data. It specifies that neither dealers nor authorized integrators will be held liable for actions taken by the other party in securing data, provided those actions are in line with written instructions. Manufacturers, distributors, and their affiliates are also exempt from liability for unauthorized access to protected dealer data, except in cases where they have directly caused a breach. The act is set to take effect on November 1, 2025.