In February 2010, Massachusetts raised the bar in security for businesses keeping it's residents’ information, by creating the most comprehensive data protection and privacy law in the United States – 201 C.M.R. 17; also, known as the Standards for the Protection of Personal Information of Residents of the Commonwealth. This regulation issued by the Department of Consumer Affairs requires all businesses that license or own personal information of a Massachusetts resident to comply with the minimum-security standards set forth in the regulation.
Given the huge importance of technology, IT management is the cornerstone of any modern business, but not every organization possesses the resources to develop an in-house IT solution that caters to their business needs.
Thanks to Massachusetts General Law 93H (MGL 93H) and 201 CMR 17, state businesses have been mandated to produce comprehensive data security programs to protect their customers' personal information since 2010.