MA 201 CMR 17 Compliance: NENGroup Message About Preparing for the Massachusetts Data Privacy Act
Many small businesses believe that they are exempt from the Massachusetts Data Privacy Act (201 CMR 17); the perception is that the law is geared to retailers and financial institutions, whose day-to-day operation involves the gathering and sharing of large amounts of personal information. A few simple questions should convince you that you are most likely NOT exempt, and that your business must comply.
Do you have any employees?
Do you receive payments from individuals, whether check or credit card?
Do you need to send out 1099s?
If you answered yes to any or all of these questions, then you have personal information in your possession, and therefore must bring your business into compliance.
Massachusetts has recently revised the 201 CMR 17 law, and there is much good news for businesses:
The effective date for 201 CMR 17 is now March 1, 2010.
The application of the regulations to those that "own or license" personal information about Massachusetts residents versus their service providers has been more clearly described.
The Regulations now take a "risk-based" approach that allows a business to take into account their size, scope, amount of resources, nature and quantity of data collected or stored, and the need for security, in determining how to implement the requirements.
The definition of encryption is now technologically neutral, and all computer security system requirements only need be applied "to the extent technically feasible." According to the Massachusetts Office of Consumer Affairs and Business Regulation, this means "that if there is a reasonable means through technology to accomplish a required result, then that reasonable means must be used."
Businesses must "take reasonable steps to select and retain" third-party service providers capable of maintaining security measures consistent with the Regulations, and bind them by contract to implement and maintain them.
These changes are going to make 201 CMR 17 compliance easier. However, the deadline is now less than six months away, so businesses may want to start the hard work that needs to be done now.
Write a 201 CMR 17 Comprehensive Information Security Program, with the aid of an attorney. We have provided a model for you to follow.
Implement a strong password policy. Passwords need to be hard to guess and should include upper- and lower-case letters, numbers and symbols.
Secure email so that personal information cannot be sent out over the Internet unless it is encrypted.
Encrypt laptops and other portable devices using a method that does not interfere with a user's ability to read and create documents.
Have a system to maintain up-to-date security patches, antivirus and anti-malware software, and firewalls for all computer equipment.
Then ask who, what, why, where, how and when:
WHO: Choose a point person. Having a designated driver will make the complicated process more efficient and more effective. Make sure they have the resources needed to get the job done.
WHAT: What are the potential risks? Identify any foreseeable risks to Personal Information and come up with a plan to eliminate or reduce those risks.
WHY: Educate and train all employees about the importance of protecting Personal Information and computer network security.
WHERE: Identify where Personal Information comes from, where it is stored, how it is used and by whom.
HOW: How are you going to get this done? Decide whether internal resources are enough or whether an outside network firm is needed to create a reasonably secure network.
WHEN: Now is the time to start tackling these tasks. We have compiled a checklist to help you through the process.
There are a number of resources available to help small businesses with their questions and concerns on this law that aims to protect them, their customers and their employees. The Massachusetts Office of Consumer Affairs and Business Regulation created these regulations and can be helpful.
Please call me at 781 362 1199 or toll free at 800 696 2309. Or you can email me at rokeefe@nengroup.com. I will be happy to set up an appointment to guide you through this process.
by: NENGroup