Untitled Document
MA Information Security Regulation 201 CRM 17.00

Aserdiv Services offering:

  • Statement of Work
  • Define Policies and Processes
  • Preventative Controls
  • Detective Controls
  • Validation Controls
  • Written Information Security Policy (WISP)

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

201 CMR 17.00 Documentation:

Call 781-551-8317 for more information

Aserdiv’s Detailed Onsite Assessment:
Gateway for Compliance in Massachusetts for your Personal Information

What types of organizations need to comply with 201 CMR 17.00?

Every corporation, partnership, or other legal entity that owns, licenses, stores or maintains Personal Information about a resident of Massachusetts. Even businesses that do not handle consumer data are required to comply with 201 CMR 17.00. For example, Human Resources data falls into this category, if you have Massachusetts employees. Call 781-551-8317 for more information

Penalties for Not Complying with 201 CMR 17.00

  • Up to $50,000 per improper disposal
  • Maximum of $5,000 per violation
  • Massachusetts Attorney General can take action
  • Lost Business / Time Spent / Associated Costs

Other states such as Washington, California and Montana have currently passed similar laws.

How can Aserdiv help Organizations with Massachusetts Compliance Regulations?

Ensure that your company is compliant with 201 CMR 17.00 by January 1, 2010. As a Mass. IT Services provider, compliance in Mass. is in our best interest to protect personal information at all reasonable costs.

If your company’s IT information security budget only includes anti-virus software and firewall data protection, your company is ignoring some very serious threats to your confidential data – from both outside and inside your organization.

Aserdiv Compliance CMR 17.00 Assessment

Aserdiv’s process for providing Massachusetts organizations with an onsite assessment will ensure your company’s compliance to 201 CMR 17.00.

  1. Initial Qualifying Phone Call - Aserdiv’s Advanced Services Group will identify what areas within organization are not meeting the certain requirements identified under the new regulations.
  2. Summary Analysis - Once the initial phone call is concluded, a brief summary will be produced by the engineer and submitted to the company.
  3. Scope of Work - If the organization chooses to move forward, we will customize a deliverable for the client’s infrastructure requirements in order to become completely compliant.
  4. Detailed Onsite Assessment - By working with Aserdiv, we can define policies and processes through preventive controls, detective controls, validation controls, and a WISP for your organization.

Call 781-551-8317 for more information


Untitled Document

Home | About Aserdiv | Contact Us | News & Events | Partners
Solutions: Data Center Optimization | Green Initiatives | Data Management
Service Delivery: Logistics & Fulfillment Services | Managed Services | Data Center Assessment
CIO Resource Center | Site Consolidation | Sustainability: Green Initiatives | Data Center Readiness Planning

Going Green | Green Energy | Avocent: Green Grid | WAN Optimization | Virtualization | Business Financing | Equipment Financing

Server Virtualization | Infrastructure Virtualization | Data Center Optimization | Integrated Power Management | KVM | KVM over IP | KVM Switches

201 CMR 17.00 | Compliance | Avocent Event | Massachusetts Compliance | WISP