SubscribeClick here to subscribe to our weekly e-newsletter for free
Follow us on Twitter
Find us on Facebook Connect with us on LinkedIn Connect with us on Google+ RSS
New England Daily News

Contact Suffolk Construction for all of your construction needs - www.suffolkconstruction.com - (617) 445-3500

Boston, MA-Diversified Project Management, Inc. completes relocation project for Communispace, Inc.
Contact NAI Hunneman for all of your brokerage needs - www.naihunneman.com - (617) 457-3400

 Woburn, MA-Cummings Properties completes energy efficiency program in 40 buildings
Contact NE Moves Mortgage LLC for all of your financial needs - sid.spiegel@nemoves.com - (781) 684-5712

 Ayer, MA-The Stubblebine Company signs Hood Industries to 74,240 s/f lease
Contact The Simon Cos. for all your management needs - www.simoncompanies.com - (781) 848-2500

 Quincy, MA-Street-Works Development, LLC and The Beal Companies to redevelop downtown Quincy - $1.6 billion
Contact CBRE/New England for your appraisal and consulting needs - webster.collins@cbre-ne.com - (617) 912-7000

 Malden, MA-Regazzini of Combined Properties, Inc. brokers three lease renewals totaling 76,318 s/f

New standards in Mass. for protection of personal info

Lisa Hartman, Albert Risk Management Consultants
Lisa Hartman, Albert Risk Management Consultants

A tough new ground breaking law went into effect on March 1, 2010. This law requires all businesses in Massachusetts, without exception, implement a Written Information Security Plan (WISP) designed to protect personal information of employees and clients/customers.

Personal information is defined as a first name or initial with a last name, in combination with any one or more of the following:

* Social Security Number

* Driver's license number or state-issued id

* Financial account number or credit or debit card number (with or without a security code, access code, personal id number or password)

Although many people know of the law, most are not familiar with its details because others, such as IT staff, are tasked with addressing it. Here are a few salient points that may be of interest:

* It not only applies to businesses that have Massachusetts employees, it also applies to those with Massachusetts customers or suppliers; therefore, its reach is global.

* It requires implementation of a Written Information Security Plan (WISP).

* Possessing even small amounts of sensitive data (such as employee W-4s) requires compliance with the law.

* Fines and penalties for non-compliance can be severe.

As with most risks, prevention is the best place to start. To further protect your interests, there are insurance products that cover privacy injury or regulatory liability; notification, credit monitoring, and/or crisis management expenses. Since terms and conditions vary widely among insurers, these forms must be carefully reviewed.

It is best that you consult with your attorneys and network security experts to implement a good WISP that both complies with the law and protects you from liability and reputational injury. However, from a risk management and insurance standpoint, you should be aware of the potential ramifications of this law. Aside from steep fines and penalties, this law clearly outlines a standard of care and failing to adhere to this standard will likely result in larger liability awards.

Lisa Hartman, ARM is the director of claims and loss management at Albert Risk Management Consultants, Needham, Mass.

Story ran in the Massachusetts section on 03/12/2010

Post your opinion >>










* The Real Estate Journal reserves the right to edit and/or take down comments that are vulgar, mean spirited or otherwise don't contribute towards civilized and constructive dialog between our users.




Massachusetts

Story Tools