Skyrope's Business Transformer Blog

Massachusetts Data Security & Privacy Laws – 201 CMR 17 – What Small Businesses Must Do for Compliance

If you are a small business owner who does business in Massachusetts and you have not yet heard of the new Massachusetts data security and privacy laws known as 201 CMR 17, then you need to get up to speed quickly: this law has gone into effect, and the compliance deadline passed at the end of the first quarter of 2010. We strongly recommend that you consult with a qualified attorney as well as your IT staff or trusted IT service provider to help you comply with the laws.

A summary of these new regulations can be found on the Commonwealth’s web site: 201 CMR 17.00 (PDF)

It is important to understand the impetus behind these laws and what caused the state to take such sweeping action.   The TJX breach of 2007 was the major wakeup call that put these regulations into motion.  For months, sensitive information was being stolen from this company without anyone in management knowing what was happening.  When it was finally discovered, there were over 94 million records that were compromised!

After a series of similar incidents, Massachusetts has come down harder on this issue than any state in the union, because legislators don’t want such breaches to happen at any scale, and neither should you, since these are our credit card numbers (and other personal information) that are being stolen and potentially used for identity theft.

For organizations that conduct any business in Massachusetts, whether they have physical locations in the state or not, and businesses that handle the personal information (SSN, driver’s license number, address and phone number, credit card info, financial account info) of any Massachusetts residents, the state mandates specific assets, processes and performance. If you think about it, that affects everyone from the corner pizza parlor that takes credit cards all the way to the biggest insurance carrier.

The regulations, in summary, require your business to:

  1. Take the necessary steps to protect personal information, both physically and electronically
  2. Comply with specific computer security requirements and put resources into place if they don’t exist
  3. Have the ability to know when a breach happens and report it to the state if it does
  4. Have a written plan that describes your policies and procedures with respect to info security
  5. Have a designated go-to person in the company for compliance with these regulations
  6. Train your employees on these policies and procedures
  7. Require similar performance from all your relevant vendors
  8. Monitor your systems and have them audited for continued compliance

The regulations provide much more detailed information and definitions of terms, and we highly recommend you look them over.  The state promises to impose heavy fines and penalties on companies that do suffer a breach while not in compliance with the laws.  Risks of non-compliance include:

  • Audit and penalties by the state
  • Loss of goodwill and reputation
  • Consumer lawsuits – torts by individuals whose information has been compromised

Please don’t do what I heard a business owner tell me the other day. He said, “Well, if I don’t do anything, then I won’t know if a breach happens, therefore I can’t report what I don’t know, so I’m good!”

If you want to still own a business after a data breach, I suggest you don’t take this person’s advice. It will be tough enough to make up for your lost reputation when your clients find out you caused their sensitive data to be compromised. For a quick look at businesses that have reported a breach, check out the ID Theft Center.

If you haven’t done your 201 CMR 17 compliance project, it’s not too late! Find a service provider with demonstrable 201 CMR 17 compliance experience, or better yet, a consortium of service providers representing the IT/technical, legal and security aspects of compliance, and protect your small business today so you can get back to work with peace of mind.
