Data Security Consulting

Is Your Business Compliant With the New Massachusetts Data Security Regulations?

January 1, 2010 Compliance Deadline

Over the past few years, the news has been full of stories about identity theft: stolen laptops that contained important personal data; disgruntled ex-employees able to access information online or through their PDAs; information thieves snagging data from unencrypted wireless devices. Governor Patrick signed a comprehensive data security bill into law on August 2, 2007, and the regulations of this law go into effect on January 1, 2010. The regulations call for businesses to:

  • Encrypt documents sent over the Internet, wirelessly, or saved on laptops or flash drives.
  • Use up-to-date firewall and malware protection that only permits authorized users to access or transmit data.
  • Implement a Written Information Security Program (WISP) based on an industry-standard security framework. This document shall include all of the policies, procedures and controls necessary to secure personal data.

Odds Are The New Regulations Do Apply To Your Business.

Do you gather customer information? Or have even one employee? If so, then the 201 CMR 17.00 regulations do apply to your business. Essentially, if you store a Massachusetts resident's last name and first name on a computer or on paper AND store any of the following data, this is considered "personal information" and the new law is applicable to your business:

  1. Social Security number.
  2. Driver's license number or state-issued identification card number.
  3. Financial account number.
  4. Credit or debit card number.

Caution: These New Regulations Have Teeth!

If you don’t comply and a breach occurs, the State will most certainly view you as negligent. Fines start at $5,000 per (treble damages can apply), with potential penalties for failure to properly report a breach ($50,000 per), $50,000 for improper disposal of records (such as old computers and paper), and legal/investigative costs. To safeguard against any potential personal or indemnification issues, you should take steps NOW.
