The Non-Profit Toolbox
  • Facebook
  • Twitter
  • Youtube
  • Rss
  • Home
  • Events
  • Sponsor
  • Speakers
    • Past Speakers
  • About
    • Lisa Morrissey
    • Reiko Beach
    • Tom Beach
  • Contact

Massachusetts New WISP Affects Non-Profits

Home» Governance » Massachusetts New WISP Affects Non-Profits

MA Law 201 CMR 17.00 Affects Non-Profit Organizations Too

MASS 201 CMR 17.00 Includes Non-Profit Organizations

This new regulation going into affect March 1, 2010 is perhaps the most far-reaching personal information data security regulations in the country.  This new regulation will apply to all individuals, corporations, associations, partnerships and other legal entities (regardless of where they are located) that own, license, store or maintain personal information about a Massachusetts resident.  Yes this does include Non-Profit Organizations.

Personal information is can be any portion of someones name in conjuction with: a Social Security number; driver’s license number or state-issued identification card number; or financial account number, or credit or debit card number.  The regulation requires a written information security plan (WISP).

So if your organization takes any personal information it is required to have a written plan for the security of that information.  This could be as little as taking a check for a silent auction item at one of your fundraisers.  The plan needs to be specific to your organization and contain the following:

  1. Designating an individual to be responsible for the program.
  2. Minimizing the use, retention and access of and to personal information.
  3. Protecting and restricting access to paper records and electronic records (including through password, encryption, and firewall technology)
  4. Ensuring that third parties with access to personal information comply with the requirements.

For the full MA 201 CMR 17.00 click here.

Want to learn more about the legal issues that affect your organization? Join us at our next non-profit mini-conference.








Photo credit: flickr.com/photos/mikeygottawa

MA 201 CMR 17.00, non-profit, nonprofit education, nonprofit resources, nptoolbox

3 comments on “Massachusetts New WISP Affects Non-Profits”

  1. Israel Vankirk says:
    April 1, 2010 at 12:48 pm

    I have been visiting your blog lately because I am fascinated in reading the quality articles that you post. Keep it up!

  2. Nowell Bloomenthal says:
    January 29, 2011 at 6:58 pm

    How can I get a sample WISP for a non profit?

    Thank you, Nowell.

  3. Reikob says:
    January 30, 2011 at 9:09 am

    Hi Nowell,
    Thanks for the question, if you are in MA, you can use the guidelines that the state offers for small business: http://www.mass.gov/Eoca/docs/idtheft/sec_plan_smallbiz_guide.pdf after all, a non-profit is a business.

RSS News

  • WordPress Security
  • 2 events with QCI
  • Slides for WordCamp Boston – Plugins talk 8/23/14
  • 10 Apps to Make Working Easier

Topics

  • Branding
  • Business
  • Creating Raving Fans
  • Events from Members
  • Free
  • Fundraising
  • General Info
  • Governance
  • Grant Writing
  • Human Resources
  • Media
  • Non-profit Accounting
  • NP Board
  • NP Events
  • Organization
  • Socialmedia
  • The Power of Words
  • TTBI-programs
  • Video
  • Volunteers
  • web development
  • Welcome

Archives

Other Toolbox Info

  • i-Network.biz
  • Tech Day Camp
  • The Toolbox Inc.

Related Companies

  • LIDO Consulting Group
  • TRB Design, Inc

Recent Posts

  • i-Network
  • South Shore Tweetup – May 2
  • Marketing Breakfast
  • South Shore Tweetup
  • Tech Day Camp

Connect with us:

info@thenon-profittoolbox.com
781.544.4574

Other Supporters:

3thought
Image Resolutions
scHammond Advisors

(c) 2012 The Toolbox, Inc.