Massachusetts Compliance Guideline
Massachusetts has a high standard for consumer protection that most states look to as a source to frame their own laws. 201 CMR 17.00 requires any business that stores or licenses personal information of residents in the state to notify the Office Of Consumer Affairs & Business Regulation, as well as the Office of Attorney General and those affected, within a reasonable amount of time of suspecting a breach of security. The notifications must include...
Any organization who stores or uses personal information are subject to 201 CMR 17.00. TSI assists organizations by educating & implementing strategies that limit the liabilities of noncompliance & minimize the effect of a data breach.
Not having a written information security program for your business could be putting your data at risk of not only theft, but substantial legal damages. There are strict guidelines to safeguarding consumer information stored on your network.