- Contact Us
The MA 201 CMR 17 regulation requires that every organization that owns, licenses, stores or maintains personal information about a resident of the Commonwealth of Massachusetts develop, implement, maintain, and monitor a comprehensive written information security program applicable to any records containing such personal information. The information security program shall be reasonably consistent with industry standards, and shall contain administrative, technical, and physical safeguards to ensure the security and confidentiality of such records. The very first violation of this Massachusetts law resulted in a restaurant chain being fined $110,000. Through our MA 201 CMR 17 Risk Assessment, we will evaluate 20 separate control objectives to understand how your organization is adhering to the requirements of MA 201 CMR 17.
Let Compass IT Compliance assist your organization in assessing any risks present through our MA 201 CMR 17 services so you can secure your personal information environment, comply with regulatory compliance requirements, and save time, money, and resources in the process. Contact Us today to discuss your unique situation. Secure. Comply. Save.