IT Governance Blog on IT governance, risk management, compliance and information security. » 201 CMR 17.00

Do you comply with the 201 CMR 17.00 – The Massachusetts Data Protection Law?

James Warren — Wed, 07 Apr 2010 07:54:31 +0000

You are probably aware of the new data protection law and that every organization who collects, owns or licenses personal information about a resident of Massachusetts must now be in full compliance.

Do you comply with the 201 CMR 17.00 – The Massachusetts Data Protection Law? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

How to comply with the Massachusetts Data Protection Law

James Warren — Tue, 30 Mar 2010 08:21:03 +0000

Many organizations accross the state of Massachusetts and organizations outside of Massachusetts, who collects, owns or licenses personal information about a resident of Massachusetts, are struggling to meet the requirements of the new Data Protection Law (201 CMR 17.00), which came into force on March 1st this year. If you fall into this category, or [...]

How to comply with the Massachusetts Data Protection Law is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Cost Effective Solution to Meet 201 CMR 17.00 Deadline!

James Warren — Wed, 03 Feb 2010 13:03:57 +0000

Every organization who collects, owns or licenses personal information about a resident of Massachusetts will have to be in full compliance with 201 CMR 17.00 on or before March 1, 2010. The term "personal information" is defined so broadly that nearly every Massachusetts business must comply with the regulations.

Cost Effective Solution to Meet 201 CMR 17.00 Deadline! is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Upgrade your ISO27001 ISMS to cover 201 CMR 17.00!

James Warren — Thu, 21 Jan 2010 11:33:16 +0000

You can read the Massachusetts regulation yourself and decide how to revise your ISMS, or you can accelerate your compliance with 201 CMR 17.00 with The 201 CMR 17.00 Upgrade Toolkit which includes specific document revision instructions.

Upgrade your ISO27001 ISMS to cover 201 CMR 17.00! is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Purchase The 201 CMR 17.00 and ISO 27001 Toolkit Today!

James Warren — Wed, 13 Jan 2010 09:33:29 +0000

The 201 CMR 17.00 & ISO 27001 Toolkit Will save you months of work, help you avoid costly trial-and-error dead-ends, and ensure everything is covered to current 201 CMR 17.00 / ISO 27001 standard.

Purchase The 201 CMR 17.00 and ISO 27001 Toolkit Today! is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Obliged to meet the 201 CMR 17.00 – Massachusetts Data Protection Law?

James Warren — Wed, 06 Jan 2010 10:01:43 +0000

If you need motivation to move towards compliance, Massachusetts General Law, Chapter 93A, section 4 specifically authorizes the Attorney General to seek injunctive relief against the organization involved in the unauthorized act or practice. In addition, section 4 allows a court to impose a $5,000 civil penalty for each violation and if ‘violation‘ is interpreted to mean the unauthorized access to a single individual’s personal information, the potential damages could be enormous.

Obliged to meet the 201 CMR 17.00 – Massachusetts Data Protection Law? is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

Meet 2010 Compliance Laws

James Warren — Wed, 02 Dec 2009 13:39:49 +0000

In 2010 there will be two important compliance laws introduced which will affect the majority of North American organizations and many global organization too. 45 US States followed California when they introduced "SB1386", the Security Breach Information Act, which has specific and restrictive privacy breach reporting requirements.

Meet 2010 Compliance Laws is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

The 201 CMR 17.00 & ISO 27001 Toolkit

James Warren — Tue, 24 Nov 2009 10:34:09 +0000

Every organization who licenses personal information about a resident of Massachusetts shall be in full compliance with 201 CMR 17.00 on or before March 1, 2010.

The 201 CMR 17.00 & ISO 27001 Toolkit is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.

The Massachusetts Data Protection Law

James Warren — Wed, 04 Nov 2009 14:11:44 +0000

201 CMR 17.00, described by many as "one of the toughest in the nation", require ALL entities that licence, store or maintain personal information about a Massachusetts resident to implement a comprehensive information security program – even if the business or entity does not have offices in the state.

The Massachusetts Data Protection Law is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.