201 CMR 17 - "Standards for the protection of personal information of residents of the Commonwealth" - takes effect March 1
Bill Horne
ehorne-zY4eFNvK5D9If6P1QZMOBw at public.gmane.org
Mon Feb 1 21:58:10 EST 2010
On 2/1/2010 9:21 AM, Ryan Pugatch wrote:
> Hello all,
>
> Just wanted to remind everyone that 201 CMR 17 takes effect March 1!
>
> If you're not familiar with this regulation, it specifies policies,
> procedures, and security requirements that are needed if you store a
> minimum of first initial and last name in conjunction with a social
> security number, drivers license/id number, financial account number
> (credit, debit, bank account number), or an access code or PIN/password
> that would allow access to a bank account.
>
> This doesn't just apply to companies that accept credit card payments.
> Think of it from an HR point of view as well.
>
> The regulation is available at:
> http://www.mass.gov/Eoca/docs/idtheft/201CMR1700reg.pdf
>
>
I love this part: "/... control of data security passwords to ensure
that such passwords are kept in a location and/or format that does not
compromise the security of the data they protect ..."/
So, does that mean that the tape on the bottom of the keyboard isn't
secure? Do I have to tell my customers to stop using their middle names?
Bill
--
E. William Horne
William Warren Consulting
Computer & Network Installations, Security, and Service
http://william-warren.com
781-784-7287
More information about the Discuss
mailing list