NSK Inc Boston IT Consultants logo
IT Services

Are you Compliant? – We can help.

For Legal Resources and help with MGL 93H 201CMR17, NSK Inc has been working with Burns and Levinson, LLP. If you have any legal questions regarding this new regulation please give them a call at: 617-345-3000.

Notifications Report – from the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR). Explains reasoning for the law being written

Your Timeline for Compliance – Map out what needs to be done in the next couple of months to become compliant with 93H 201CRM27.

Frequently Asked Questions Regarding MGL 93H 201 CMR 17.00 - Answered by the OCABR

Massachusetts Data Security Regulations: New Rules and Old Lessons - This is a PDF download of a presentation that was delivered by Barbara Anthony, Undersecretary of the Office of Consumer Affairs and Business Regulation to the Financial Services Committee early in November.

201 CMR 17.00 Compliance Checklist – The OCABR has compiled this checklist to help small businesses in their effort to comply with 201 CRM 17.00. This Checklist is not a substitute for compliance with 201 CRM 17.00. Rather, it is designed as a useful too to aid in the development of a written information security program for a small business or individual that handles “personal information.” Each item, presented in question form, highlights a feature of 201 CMR 17.00 that will require proactive attention in order for a plan to be compliant.

Purposes of this Law

201CMR17.00 Standards for the Protection of Personal Information of Residents of the Commonwealth

Red Line Changes to 201 CMR 17.00 as of August 17, 2009

Purposes of this Law

This regulation implements the provisions of MGL 93H relative to the standards to be met by persons who own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts. This regulation establishes minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records.

Further purposes are to:

  • To ensure security and confidentiality of information consistent with IT industry standards
  • To protect against anticipated threats or hazards to the security or to the integrity of information
  • To protect against unauthorized access to or use of such information

What the Assessment Will Evaluate

What You Receive After the Assessment

Email Us Contact NSK

Download Press Release Office of Consumer Affairs Press Release

(8/17/2009)

The white paper is sent to your email address