Home | Email Us | Contact Us

Home Page
Managed Services
- Device Management
- Network Management
  - Firewall / VPN Security
  - Managed Switches
  - Wireless Access
- Security Services
  - Email Security
  - WEB Security
  - Data Loss Prevention
- Compliance Services
- VoIP Services
- Disaster Recovery
HAAS Managed Services
- HMS News Letter
 - Our Process for HMS
 Hosting Services
- Email Hosting
- WEB Hosting
Company Info
Technical Support
Referral Fee Program
Contact Us
  Technical Support


 

Client Access Portal

 

 

Exchange WEB Mail

 

 

 

38 Montvale Avenue
Suite 315
Stoneham, MA  02180
Tel #: 1-800-616-7706

 

Compliance Services

 

201 CMR 17.00 Mass Privacy Law

The Massachusetts Office of Consumer Affairs and Business Regulations (OCABAR) issued a comprehensive set of regulations establishing that any business that collects and maintains personal information of a citizen of the Commonwealth of Massachusetts must comply with the regulations set forth in 201 CMR 17.

The storage of this personal information (ie: social security numbers, credit card information or other personal data) on your computer network means that you need to comply with the network security measures set forth in the law. If you do not have a dedicated IT professional employed, we strongly recommend that you work with a certified IT professional from SourceOne IT who can review your network, provide your company with a Written Information Security Plan (WISP), as well as provide ongoing network maintenance to ensure its security and compliance.

The following are 8 key areas that can be evaluated by SourceOne IT in an effort to analyze your network in preparation for developing and implementing your Written Information Security Plan (WISP).

  • Utilize a Certified IT Professional from SourceOne

  • Password Security

  • Network Antivirus Protection

  • Email Virus and Spam Protection

  • Laptop Security Encryption

  • USB and Portable Storage Devices

  • Email Security Encryption

  • Network Firewall

If you would like SourceOne IT to provide your company with a Written Information Security Plan, please click here 201 CMR 17 WISP Questionnaire to provide the initial information needed to complete your WISP.  (Please note that you will need a password that can be obtained by contacting your SourceOne IT representative)

Does my business need to comply?

All businesses and other legal entities that owns or licenses personal information about a resident of the Commonwealth is required to develop, implement and maintain a comprehensive, information security program applicable to any records containing such personal information. Personal Information will frequently be included in payroll records, employee and candidate HR files, student files, patient data, and certain consumer-related files.

What if I don’t comply?

A civil penalty of $5,000 may be levied for each violation of M.G.L. 93H 201 CMR 17.00. In addition, under the portion of M.G.L. 93I concerning data disposal, businesses can be subject to a fine of up to $50,000 for each instance of improper disposal.

 

 

 

  

 

 

Copyright 2009 SourceOne IT, Inc.  All Rights Reserved.