Massachusetts Data Security Law
A comprehensive coordination and support service for the implementation of the Massachusetts Data Security law 201cmr 17.00 – The standards for protecting the personal information of the residents of the Commonwealth of Massachusetts.
This Risk Management program follows an A.I.M approach towards ‘getting it done’
The process creates a valuable documented method of implementation in case of a potential future breach of personal information in your environment.
Consulting service includes but not limited to:
- Visiting and assessing facility to create gap analysis for identification and action plan
- Meeting to discuss findings for action plan
- Consulting and coordination between all departments including “Privacy Officer”, Employee, Financial, I.T, and paper/data destruction company
- Audit of document and record retention (as required for compliance)
- Drafting, reviewing and revising site specific detailed Written Information Security Plan (WISP)
- Review and coordinate employee policy and procedure updates about compliance of 201cmr
- Review of HIPAA, HITECH and Business Associate agreements
- Third Party vendor coordination
- Employee training
- Support material including necessary tools and checklist to support the compliance process
- E-mail – telephone consulting