« Major Outage of Sony Play Station 3 NetworkDeleted Items in Email….not for safe keeping! »

Massachusetts 201 CMR 17 compliance deadline is today

Link: http://centrend.com/93h_compliance.html

 
The new law has taken effect today, so every business leader must now be certain that the information that the Commonwealth of Mass defines as personal information flows through their organization under specific guidelines.

The deadline for compliance with the new data protection laws in Massachusetts was extended at the end of 2008, and then it was extended again in 2009. There will be no further extensions. Whether you are ready or not, on March 1, 2010, you will be required by Massachusetts law to take very specific and proactive steps to secure all forms of personal information you collect and store about Massachusetts residents, whether they may be customers, employees or contractors.

The Office of Consumer Affairs and Business Regulations drafted and then refined the regulations (MA 201 CMR 17.00) in response to feedback from the business populace. The regulations mandate that every organization and individual take more responsibility for the active protection of personal data, as defined by the Commonwealth of Massachusetts.

All legal entities will now be required to create and maintain a Written Information Security Plan (WISP). Your organization’s WISP will cover newly required organizational precautions, as well as technological safeguards. With the regulations to be enforced by the Attorney General’s office, the Commonwealth of Massachusetts will take into consideration the size of your organization and the scope of whatever personal information is recorded.

Most of the technical concerns we are now hearing about are regarding portable media and laptop computers. The new data regulations will require all portable devices and storage media containing personal information be secured by encryption technology.

Business leaders needing help determining their own level of compliance should consult an Information Technology expert, and Centrend has scheduled a free online compliance workshop. Each plan must be documented and employees must be trained on how to safely work with both physical and electronic records.

Centrend is offering help and free guidance to any organization challenged by this initiative.

- Bill

***
Bill Bowman
Senior Technology Advisor
Centrend, Inc.
508-347-9550 x135

This entry was posted on March 1st, 2010 at 07:06:06 am and is filed under Technology

No feedback yet

Comments are not allowed from anonymous visitors.