Compliance Week broadcast a webcast on the new Massachusetts data privacy regulations: Decoding the Science of Compliance — Are you Ready for 201 CMR 17.00? (and sponsored by Iron Mountain).
Garry Watzke, Esq., Senior Vice President Legal & Business Development at Iron Mountain, Inc. started with the basics which I have noted in several other places:
- The New Massachusetts Data Privacy Regulations (by Goodwin Procter)
- Data Privacy Roundtable (by Deloitte)
John Jamison, Vice President Consulting Services at Iron Mountain, Inc. moved on to implementation challenges. He points out that this is not a pure IT project. There is no single tool that provides coverage across the multiple platforms in most businesses. There is IT, but there is also a business-wide program that needs to be in place and maintained.
Garry points out that you need to maintain employee compliance and have a way to detect and prevent system failures.
See also these prior posts: