Tech Tips Blog


Written Information Security Plan (WISP): 9 Business Days Left


ATTENTION: Time is running out! Is your WISP plan ready?

All organizations that employ residents of the Commonwealth of Massachusetts, or have a customer base that resides there, need to have a detailed Written Information Security Plan (WISP) in place by March 1st, 2010.

Feel free to blog any questions or concerns regarding 201 CMR 17.00 - Standards for the Protection of Personal Information of Residents of the Commonwealth.

Copy and paste the link below, which was distributed by the Massachusetts Office of Consumer Affairs & Business Regulation and contains important information on achieving WISP compliance:

http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf

Do You Have Your Mass WISP Document in Place for March 1st?


On September 19, 2008, the Massachusetts Office of Consumer Affairs and Business Regulation established new identity-theft regulations, 201 CMR 17.00: Standards for the Protection of Personal Information, which require all Massachusetts businesses to protect all personal information of the citizens of the Commonwealth. The regulations are accompanied by Massachusetts law M.G.L. c. 93H.

201 CMR 17.00's requirements include up-to-date antivirus software, firewalls, encryption and a Written Information Security Plan (WISP), along with other documentation. Businesses must have a Massachusetts WISP that meets these compliance standards in place by March 1, 2010.

We recommend that you read the Office of Consumer Affairs and Business Regulation FAQ, at: http://www.mass.gov/Eoca/docs/idtheft/201CMR17faqs.pdf

2010-02 Compliance with 201 CMR 17.00, Standards for the Protection of Personal Information of Residents of the Commonwealth

http://www.mass.gov/pageID=ocamodulechunk&L=4&L0=Home&L1=Government&L2=Our+Agencies+and+Divisions&L3=Division+of+Insurance&sid=Eoca&b=terminalcontent&f=doi_Bulletins_bulletins_10_02&csid=Eoca

Can Baesis help?

Yes, as part of our WISP services, Baesis will perform the following procedures that are required by the 201 CMR 17 Regulations:

  • Develop a customized WISP
  • 27-Point Network Audit: Ensuring that the client's network meets the security requirements of the regulations. (Baesis managed service clients should already meet or exceed most of these requirements)
  • Risk Assessment
  • Create an action plan for remediation to achieve compliance
  • Provide ongoing assistance in maintaining compliance
  • Establish network security, policies and procedures

