Link: http://www.centrend.com/93h_compliance.html

A Written Information Security Plan or “WISP", is required by new regulations of the Commonwealth of Massachusetts, effective March 1, 2010. Any individual or entity which receives, handles, stores or transfers personal information about Massachusetts residents must have one.

If you or your organization hasn’t already started the security plan, the best place to begin is with a determination of what personal data is collected throughout the organization, and by whom, where, when, how and why. Make a comprehensive list of all points within the organization where personal data will enter or exit, and where it is sent, noting also the amount and frequency. It’s important to document not only who collects or handles the data, but also everyone who may have access to it.

All of this is related to MA 201 CMR 17.00 - Information Protection, and Centrend is offering help and free guidance to any organization challenged by this government mandate.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135