In March of 2010, 201 CMR 17.00, or the Standards for The Protection of Personal Information of Residents of the Commonwealth, was signed into law. Better known as the Massachusetts Data Protection Law, it outlines the security requirements that organizations handling the private data of state residents must follow. Does your business meet these requirements?
What Standards Does My Massachusetts Business Have to Meet?
The Data Protection Law outlines a few security standards that are critical to the success of your business. Putting it briefly, they are as follows:
- Any personal data your business collects must be encrypted.
- There must be policies dictating how both physical and digital records are kept and stored.
- Network security controls must be put in place.
- An organization must abide by risk management policies.
- Employees need to be trained in proper data security practices.
- Any data breaches and policy changes need to be documented.
- All third-party providers with access to data must maintain the same requirements.
What Else Must I Do?
In addition to these rules, House Bill No. 4806 was also signed into law. This amendment will help to ensure that any data breaches are reported to the affected parties and to state regulators. Notifications will be required to include a wide assortment of information, including:
- What information was compromised during a breach, including Social Security numbers, driver’s license information, any financial accounts, and other important personal data.
- The person responsible for the breach, if known.
- Who experienced the breach, and who is reporting it (along with any relationship the two share).
- Whether a written security program exists, and whether it will be updated in response to the breach.
This law also dictates that an organization will need to provide 18 months of credit monitoring services (on their own dime) to those Massachusetts residents whose Social Security numbers were made vulnerable during the breach.
Is Your Business Compliant with These Regulations?
Datalyst can help to make sure it is. We can assess your network to ensure that these regulations are fulfilled. For more information, be sure to contact us at (774) 213-9701 or complete the form on the right.
Datalyst's Data Backup and Disaster Recovery
It's important to implement a data recovery solution as part of a concise business continuity plan.
There once was a time when companies required steel filing cabinets to store information. That time is long gone. Today, most of the documents your employees rely on to make your business run properly are of the digital variety. Document duplication, fireproof vaults, and off-site filing systems once were more prominent because that was the best way for companies to endure events where their data might be lost. All this extra storage was part of their business continuity plan. They knew that if a disaster ever struck, losing all of their work could be a fatal blow to their business. However, now that businesses primarily deal with digital records, different methods need to be utilized to prevent data loss.
The Value of Data Recovery
Before you hit the panic button, contact Datalyst. Our data loss solution will save the day!
Did you know that the hard drive is the most fragile component in your PC? The fragile nature of hard drives means that data loss is a fairly common occurrence; it has been estimated that 6% of computers experience some form of data loss every year! Since data loss is such a common problem, Datalyst has the tools and know-how to dig into your broken hard drive and retrieve your important information. Datalyst can perform this service on all types of hardware to recover your valuable data.