Services

Massachusetts Privacy Law

March 1, 2010 was the effective date for regulation 201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth.

This regulation implements provisions of Massachusetts General Law Chapter 93H for standards to be met by anyone who owns, licenses, stores, or maintains personal information on a resident of the Commonwealth of Massachusetts.

So what?

Imagine notifying your customers - to comply with this regulation - if you lost any of their personal information. Picture yourself writing checks - to comply with this regulation - of up to $50,000.00 for each incident of any lost personal information.

Which would be worse for your business?

It hardly matters since they both go hand in hand if you are not in compliance with 201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth.

What constitutes personal information for a resident of Massachusetts?

The resident's first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such resident:

  • Social Security Number
  • Driver's license number or state-issued identification card number
  • Financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident’s financial account

How do you make sure you are compliant?

Why take the risk of not protecting yourself ? Here are a few of the ways we can help you to become compliant:

  • Conduct a risk assessment & compliance review
  • Develop a Written Information Security Plan (WISP)
  • Implement the safeguards (encryption, firewalls, monitoring, etc.) identified in the assessment and described in the plan

To get help with 201 CMR 17:00 complete and submit the form below:
(Fields that are boldfaced are required.)

Name
E-mail
Company Name
Phone Number