Beginning March 1, 2010, the new Massachusetts privacy law will mean tougher privacy and security regulations for all companies with customers residing within the state. For financial firms, this may require changes to their Reg S-P and BCP policies. The focus of the new regulations is on safeguarding customer information. Firms having customers that are residents of the state are required to have a written plan that includes, among other items:
- How firms identify and handle personal information of their customers
- Who has access to customer personal information and how is confidentiality maintained
- IT security protocols - how information is kept secure within a firm's technology
- Encryption - mobile devices that house or transmit personal customer information must be encrypted for security
- Service Providers - the written plan should address due diligence procedures and oversight of third party data vendors
- Employees - firms are required to have training plans for employees that address how to handle customer personal information
- Annual Reviews - the new law requires annual reviews of firm privacy and security policies to determine their effectiveness
Learn about FrontLine's Customized Policies and Procedures
View new Massachusetts regulation 201 CMR 17.00: Standards for the Protection of Personal Information
FrontLine Compliance, LLC is a regulatory compliance consulting firm of former high-level regulatory insiders offering customized services to broker-dealers, investment advisers, investment companies, hedge funds, and insurance company affiliates. Staffed by former SEC and FINRA regulators, and chief compliance officers, FrontLine Compliance provides the kind of industry knowledge, experience and expertise on regulatory issues only available from well-seasoned insiders. For more information about the firm, please visit www.frontlinecompliance.com.
FrontLine Compliance, LLC
phone: 888-518-8070
email: info@frontlinecompliance.com
www.frontlinecompliance.com
 Forward to a Friend
 ShareThis
| 
