Regulatory Compliance » MA State Data Protection Law

MA State Identity Theft Law (201 CMR 17.00)

Required Written Security Program

Any business that processes or stores personal information of Massachusetts employees, consumers or other residents needs to establish a written, comprehensive information security program. Save thousands of dollars by using our comprehensive library of pre-written information security policies that cover each security requirement of 201 CMR 17.00.

Key Security Policy Requirements

MA State Law 201 CMR 17.00 ("Identity Theft Law") contains a number of specific provisions required in the written information security program. These must all be documented in written policies that are read and understood by all employees.

Information Shield publications address each of the core requirements of the law including: (a) Assigned Security Responsibility (b) Risk Assessment (c) Developing security policies for employees (d) Disciplinary measures for violations (e) Employee termination procedures (f) Service Provider Oversight (g) Physical Security Controls (h) Monitoring (i) Annual Security Program Review (j) Incident Response

Develop Security Policies Quickly
Information Security Policies Made Easy Information Security Policies Made Easy by security policy expert Charles Cresson Wood, CISA, CISSP includes over 1400 pre-written information security policies and expert advice covering all security requirements of 201 CMR 17.0. Used by over 9000 organizations in 60 countries.

  » Learn More » Request a Sample

Keep Policies Up to Date
The PolicyShield Information Security Policy Subscription contains over 1700 pre-written policies with regular updates based on the latest threats, technologies and regulatory changes. Let our experts monitor the latest trends and write the policies you need when you need them.

  » Learn More » Request a Sample

Document Security Roles

Information Security Roles and Responsibilities Made Easy Information Security Roles and Responsibilities Made Easy provides expert guidance and templates for building an effective security organization. According to MA State Law, security roles and responsibilities must be defined and documented. Save your organization hundreds of hours of effort in developing and documenting your security organization.

» Learn More  » Request a Sample

Educate Employees
MediaPro Through our partnership with Media Pro, Information Shield offers the award-winning onGuard ™ series of security and privacy awareness training modules. Easy to use and customize, onGuard computer based training courses address the key employee training requirements of MA 201 CMR 17.

» Learn More  » Request a Sample


Regulatory Compliance » MA State Data Protection Law

Security Policy Professional Services
Learn More
» Request a Sample
» All Products
» Order Online
» Contact Us
Security Policy Map
Contact us to receive your free MA State Law Security Policy Matrix » Get it Now
Stay Informed
Sign up for our free Policy Solutions Newsletter

Email:
" Every person that owns or licenses personal information about a resident of the Commonwealth shall develop, implement, and maintain a comprehensive information security program that is written in one or more readily accessible parts."
- 201 CMR 17.03
Other Regulations
» PCI-DSS Solutions
» ISO 17799/27001
» COBIT/Sarbanes-Oxley
» HIPAA Security and Privacy
» More regulatory solutions
Other Products
» Privacy Management Toolkit
» Information Security Roles & Responsibilities Made Easy
» Security Awareness Newsletter
Security Policy Tools
» Regulatory Requirements
» Security Policy News
» Security Policy Whitepapers
» More Policy Tools