Massachusetts Data Breach Law 201 CMR 17.00
"Massachusetts Law 201 CMR 17.00 (Standards for the Protection of Personal Information of Residents of the Commonwealth) implements the provisions of M.G.L. c. 93H relative to the standards to be met by persons who own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts."
According to the State of Massachusetts' official Web site, this regulation establishes a set of minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records. Additional purposes are to (i) ensure the security and confidentiality of such information in a manner consistent with industry standards, (ii) protect against anticipated threats or hazards to the security or integrity of such information, and (iii) protect against unauthorized access to or use of such information in a manner that creates a substantial risk of identity theft or fraud against such residents.
In an effort to help companies regulated by Law 201 CMR 17.00, the state has published a clear set of computer system security requirements as part of its comprehensive information security program. Along with requirements addressing user authentication protocols, firewall protection, antispyware, physical access security practices, and comprehensive training programs, the law requires that the computer security program support:
- Secure access control measures that 1) Restrict access to records and files containing personal information to those who need such information to perform their job duties; and 2) Assign a unique identification plus a password, which is not vendor supplied, to each person with computer access;
- Encryption of all transmitted records and files containing personal information, including those in wireless environments that will travel across public networks.
- Periodic monitoring of networks and systems, for unauthorized use of or access to personal information, and recording the audit trails for users, events, dates, times, and success or failure of login.
- Periodic review of audit trails restricted to those with job-related need to view audit trails.
Mass Data Breach Law 201 Compliance: Secure and Track Files with Biscom
Biscom Delivery Server offers those entities subject to compliance with Massachusetts Law 201 CMR 17.00 a cost-effective file security and delivery solution that ensures the proper, consistent safeguarding of personal information. BDS enables compliance by:
- Encrypting documents and files at rest and in transit.
- Implementing policies that prevent unauthorized personnel from accessing improper documents and files.
- Expiring access to documents and files as defined by compliance officers and auditors.
- Providing detailed logs and audit trails of content access, authorization and usage.
- Supporting regulatory compliance behaviors without changing the way users work.