If you are a small business owner who does business in Massachusetts and you have not yet heard of the new Massachusetts data security and privacy laws known as 201 CMR 17, you need to get up to speed quickly: the law has gone into effect, and the compliance deadline passed at the end of the first quarter of 2010. We strongly recommend that you consult a qualified attorney as well as your IT staff or trusted IT service provider to help you comply with the laws.
A summary of these new regulations can be found on the Commonwealth’s web site: 201 CMR 17.00 (PDF)
It is important to understand the impetus behind these laws and what caused the state to take such sweeping action. The TJX breach of 2007 was the major wake-up call that put these regulations into motion. For months, sensitive information was being stolen from this company without anyone in management knowing what was happening. When it was finally discovered, over 94 million records had been compromised!
After a series of similar incidents, Massachusetts has come down harder on this issue than any state in the union, because legislators don’t want such breaches to happen at any scale. Neither should you, since these are our credit card numbers (and other personal information) that are being stolen and potentially used for identity theft.
For organizations that conduct any business in Massachusetts, whether they have physical locations in the state or not, and businesses that handle the personal information (SSN, driver’s license number, address and phone number, credit card info, financial account info) of any Massachusetts residents, the state mandates specific assets, processes and performance. If you think about it, that affects everyone from the corner pizza parlor that takes credit cards all the way to the biggest insurance carrier.
The regulations, in summary, require your business to:
- Take the necessary steps to protect personal information, both physically and electronically
- Comply with specific computer security requirements and put resources into place if they don’t exist
- Have the ability to know when a breach happens and report it to the state if it does
- Have a written plan that describes your policies and procedures with respect to info security
- Have a designated go-to person in the company for compliance with these regulations
- Train your employees on these policies and procedures
- Require similar performance from all your relevant vendors
- Monitor your systems and have them audited for continued compliance
The regulations provide much more detailed information and definitions of terms, and we highly recommend you look them over. The state promises to impose heavy fines and penalties on companies that do suffer a breach while not in compliance with the laws. Risks of non-compliance include:
- Audit and penalties by the state
- Loss of goodwill and reputation
- Consumer lawsuits – torts by individuals whose information has been compromised
Please don’t do what I heard a business owner tell me the other day. He said, “Well, if I don’t do anything, then I won’t know if a breach happens, therefore I can’t report what I don’t know, so I’m good!”
If you still want to own a business after a data breach, I suggest you don’t take this person’s advice. It will be tough enough to make up for your lost reputation when your clients find out you caused their sensitive data to be compromised. For a quick look at businesses that have reported a breach, check out the ID Theft Center.
If you haven’t done your 201 CMR 17 compliance project, it’s not too late! Find a service provider with demonstrable 201 CMR 17 compliance experience, or better yet, a consortium of service providers representing the IT/technical, legal and security aspects of compliance, and protect your small business today so you can get back to work with peace of mind.
