Identity Finder Helps You Comply with Massachusetts 201 CMR 17.00
Identity Finder helps companies and organizations simply and affordably comply with the Massachusetts Data Security Law,
201 CMR 17.00. Among the more stringent state data security laws, Massachusetts' data security law is designed to
protect personal information of Massachusetts residents. Companies in every state must comply with 201 CMR 17.00
if they have even one customer or employee living in Massachusetts, or if they otherwise own, license, store or
maintain personal information about a resident of the Commonwealth.
To improve security and reduce breaches, the Massachusetts Data Security Law requires companies to:
- Develop, implement, maintain and monitor a comprehensive, written information security program applicable to any records containing personal information.
- Implement administrative, technical, and physical safeguards to ensure the security and confidentiality of records containing personal information, in accordance with the security program.
- Implement industry standards as a part of the security program.
How You Will Comply with Mass. 201 CMR 17.00
Identity Finder enforces compliance with Massachusetts 201 CMR 17.00 and decreases audit and compliance costs in at least 18 ways:
- Identity Finder finds and secures sensitive data such as social Social Security Numbers, Credit Card Numbers, Protected Health Information, Credit Card Data, Bank Account Numbers, Passwords, Dates of Birth, Phone Numbers, Driver License Information, Personal Addresses, Canadian Social Insurance Numbers, Australian Tax File Numbers, United Kingdom National Insurance Numbers, United Kingdom National Health Service Numbers, and Passport Numbers within your organization's network.
- Identity Finder finds sensitive personal information in any file type, on any network device, over the entire enterprise network, and gives you the tools to eliminate unnecessary sensitive information or consolidate necessary data;
- Identity Finder facilitates a comprehensive information security program by regularly monitoring and auditing employee access to personal information.
- Identity Finder helps prevent unauthorized access or unauthorized use of personal information by removing PCI data from systems, devices and employees who do not need it;
- Identity Finder empowers you to develop a security policy for employees who telecommute that takes into account whether and how such employees are allowed to keep, access and transport data containing personal information.
- Identity Finder helps you enforce secure access control measures that restrict access to records and files containing personal information to those who need such information to perform their job duties.
- Identity Finder enables employees or security and compliance officers to shred/destroy, redact, encrypt, or quarantine errant sensitive personal data;
- Identity Finder enables security and compliance officers to conduct security and compliance assessments, creating a gap analysis demonstrating systems that are in and out of compliance;
- Identity Finder’s gap analysis drives business process changes that prevent future personal information data leakage;
- Identity Finder enables security and compliance officers to identify specific devices and employees who store personal data, and enforce enterprise PCI data policies from a centralized console;
- Identity Finder implements and enforces data retention and disposal policies;
- Identity Finder implements masking and redaction policies when configured to so;
- Identity Finder produces regular enterprise-wide reports that will decrease audit and compliance costs;
- Identity Finder encourages employees to engage in data security best practices by empowering them to manage errant PCI;
- Identity Finder creates a comprehensive personal information data inventory over the entire enterprise network;
- Identity Finder’s personal information inventory enables a targeted, surgical response, should a breach ever occur;
- Identity Finder has an extremely low false-positive rate, enabling security and compliance officers to save on wasted time and costs evaluating irrelevant data;
- Identity Finder provides a dashboard and reporting interface for both technical and executive level employees that displays your compliance status at any point in time.