Description
The State of Massachusetts Data Breach Notification Act (MA-DBNA) replaced previous legislation requiring companies, businesses, and organizations to notify individuals when a security breach places Massachusetts residents’ personal data at risk. (It is also referred to by its short name, “The Massachusetts Standards.”) This law addresses potential risks such as data not being adequately protected by, for example, encryption or two-factor authentication, or worse, data being exfiltrated by unauthorized individuals or nation-state actors like China, Russia, or Iran.
201 CMR 17.00: Standards for the Protection of Personal Information of Residents of the Commonwealth is the regulation that implements the provisions of M.G.L. c. 93H relative to the standards to be met by persons who own or license Personal Information (PI) about a resident of the Commonwealth of Massachusetts. As part of the requirements of this regulation, companies and agencies must, as of its 2010 enactment, create, implement, and train employees on an established Written Information Security Program (WISP).
This template is designed not only to provide the standards prescribed by the Massachusetts legislature, but also to suggest ways to strengthen the organizational cybersecurity measures that protect citizen data. It is a first-of-its-kind deep-dive template to help Massachusetts business owners and their staff.