Professional Documents
Culture Documents
3(c)
ClientAdvisory
March 2010
Mar
ticularly among members of the Massachusetts
1
business community, who widely complained that
they were inflexible, overly broad and expensive
to implement.
2010
business practices that minimize the risk of future
data breaches.
© 2009 Gesmer Updegrove LLP. All rights Reserved. www.gesmer.com 40 Broad Street, Boston, MA 02109 617.350.6800
3. mandate disciplinary measures for 11. require the encryption of any personal
violations; information that is transmitted over the
Internet, transmitted over an unsecured
4. prevent access to personal information by wireless network, stored on a laptop, or
former employees; stored on a portable device such as a
Blackberry;
5. with respect to third-party service providers
with access to a personal information, 12. provide for up-to-date anti-virus software,
it must provide for due diligence and operating system security patches and
appropriate contractual terms to ensure firewall patches with respect to any
that the contract will treat such information computers that can access personal
in a manner consistent with regulatory information; and
mandates;
13. establish regular education and training of
employees on the proper use of computer
security systems and the importance of
personal information security.