201 CMR 17.00

Deadline: March 1, 2010. State law mandates standards for protection of personal information.

Compliance raises enterprise IT controls from optional risk management projects to legal mandate.

Eos Systems can help with proven solutions to meet legal requirements.

Eos Systems will:

• Identify the essential requirements to support your business goals and prevent non-compliance penalties
• Deploy policies to protect all personal data
• Integrate best practices for encryption
• Implement the proper technologies associated with the new regulation
• Provide ongoing support

201 CMR 17.00: Standards for protection of personal information of residents of the Commonwealth of Massachusetts.

This regulation establishes minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records.

Every person that owns, licenses, stores or maintains personal information about a resident of the Commonwealth and electronically stores or transmits such information shall include in its written, comprehensive information security program the establishment and maintenance of a security system covering its computers, including any wireless system, that, at a minimum, shall have the following elements:

1. Secure user authentication protocols
2. Secure access control measures
3. Encryption of Data
4. Network Monitoring
5. Auditing

Eos Systems is a qualified provider with proven solutions to help you meet the legal requirements of Mass. 201 CMR 17.00.