Electronic Security Plan [Massachusetts] Policy Manual

On February 1, 2010, the Massachusetts Office of Consumer Affairs and Business Regulation enacted a new law requiring businesses with access to personal information to have a Written Information Security Program (WISP). Effective March 1, 2010, this new law applies to any business with access to personal consumer information belonging to any resident of the Commonwealth of Massachusetts.

Overview

The plan must outline the company's overall corporate-wide program to detect, prevent, and mitigate information security breaches. Do you have your plan in place?

If not, let AllRegs do all of the work for you with our Electronic Security Plan [Massachusetts] Policy Manual. This policy manual includes everything your company needs to stay compliant with Massachusetts General Law 93H 201 CMR 17.00. From computer system and network requirements and firewall procedures, to prohibited activities and monitoring, the Electronic Security Plan [Massachusetts] Policy Manual satisfies all necessary requirements of the Written Information Security Program. Turn our plan into your plan with AllRegs' Electronic Security Plan [Massachusetts] Policy Manual.



Benefits

The policy features the following benefits:

  • Complete AllRegs' Electronic Security Plan [Massachusetts] Policy Manual, saving you development time and resources
  • This policy is delivered via email within one business day after purchase
  • Includes an outline of the Provisions and Requirements of the law, complete with definitions of important terminology
  • Complete Electronic Security System section addressing all electronic requirements of the law
  • Meet your regulatory or internal compliance requirements
  • Affordable one-time purchase fees

Publishing Services

Publish your manual, including your company procedures, in AllRegs Online as an upgrade to your complete policy manual solution. Ask us how!


Policy Manual
Electronic Security Plan [Massachusetts]
Section Title Priority Action
1.1 Goals and Objectives Mandatory Review Include the point of view or culture of your organization in this section, if applicable.
1.2 Required Review Mandatory Review Be sure this accurately reflects your company’s annual policy review process.
2.1 Internal Controls Mandatory Review Include or reference related procedures in this section.
3 Staff and Training Mandatory Review Include the means by which your organization provides and tracks required training.
5.2 E-Mail Policy Recommended Best Practice Modify this section with policies and procedures specific to your organization.
5.5 Prohibited Activities Optional Enhancement This list is related to e-mail systems, networks and Internet, and you may need to include content unique to your business.
5.11 Document Destruction Mandatory Review Revise this section to reflect your actual procedures.