On March 1st 2010 M.G.L. - Chapter 93H requiring a written information security policy. It basically states if you record Social Security Numbers or take Credit Cards you must have a written policy stating how you protect that information from the bad guys.

How can we help?

1. •Help you design policies regarding information security, acceptable use, and information technology so that we can document your compliance with these strict regulations.

2. •Perform a vulnerability assessment of your information technology infrastructure and prescribe solutions to any vulnerabilities.

3. •Perform a risk assessment, taking into account the standards of MGL 93H and 93I, to identify how strong your business controls are for protecting this sensitive information and where you need improvement.

4. •Help administer cost-effective hardware and software solutions to make your business more secure, including data encryption, anti-virus, -malware, and –spyware software, network infrastructure and firewall improvement, and even employee training.

What are the Penalties?

1. • A violation of 93H levies fines of up to $5000 per record compromised.

2. • A violation of 93I levies fines of up to $100 per record compromised with a maximum of $50,000.

3. • This does not take into consideration the loss of your company’s hard-earned reputation and the potential loss of credit.

To review the WISP checklist follow the following link:
http://www.mass.gov/Eoca/docs/idtheft/compliance_checklist.pdf

For more information on the MGL 201 read the following link:
http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf

WISP in the News:

http://www.free-press-release.com/news-massachusetts-businesses-are-you-in-compliance-1249586745.html

Call 508-809-6061 to get started.