MA 201 CMR 17 Compliance
If you own or license certain types of personal information you likely need to comply with Massachusetts regulation 201 CMR 17.
This regulation requires minimum standards of security related to personal information to be met by March, 2010. Compliance includes a Comprehensive Written Information Security Program (WISP) for a security breach. Before you pay money for an online form that claims to get you “compliant” please familiarize yourself with the regulation checklist.
Non-compliance can be very costly. We have worked with several companies, including legal and non-profits, to ensure compliance, including WISP documentation.
If you have any questions about compliance, please contact us.