DMsuite Data Masking Solutions Compliance
Compliance: MGL 93H CMR 17.00

Massachusetts General Law Chapter 93H (MGL 93H) is a law requiring all businesses in Massachusetts to take serious measures to prevent identity theft. 

Are you prepared?

 

Comply With Massachusetts General Law 93H

Massachusetts Data Security Standards (MGL 93H)

Massachusetts General Law Chapter 93H (MGL 93H) is a law requiring all businesses in Massachusetts to take serious measures to prevent identity theft.  Any business holding personal information (PI) of a Massachusetts resident is subject to this law.  PI includes resident names, social security numbers, driver’s license numbers, financial account numbers (including credit or debit card numbers), etc.

201 CMR 17.00 implements the provisions of M.G.L. c. 93H relative to the standards to be met by any entity who owns, licenses, stores or maintains personal information about a resident of the Commonwealth of Massachusetts. This regulation establishes minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records.

The potential impact to any company or institution varies based on the type and size of its underlying exposure. Axis Technology can quickly provide a comprehensive non-intrusive study of your envi­ronment related to 201 CMR 17.00 and satisfy the first requirement of the new law in the process. This service is extremely flexible and affordable, yet provides significant insight and an effective decision making platform going forward.

How DMsuite™ Solves the Problem

Axis DMsuite is a product that profiles, provisions, and redacts data without slowing down business processes or time-to-market.  This Data Masking Suite integrates seamlessly with all existing platforms and applications, providing a flexible and cost-effective way to secure customer and company data throughout your entire enterprise.  Its components work in concert to provide a comprehensive solution to MGL 93H privacy compliance.

  • DMprofiler - Understanding where the data is challenging, but it's very important. If you don't know where your data is you can't secure it.  The profiler searches databases for personal information, locating and documenting the source and recipient systems throughout the information supply chain.
  • DMgenerator – Many people and systems need access to sets of data for entirely legitimate reasons, and preventing or complicating that access can grind your business to a halt.  DMgenerator masks and provisions personal information in such a way that it maintains its value for other uses.  The enterprise can tailor data masking methods to their unique protection needs without application reengineering or any significant impact on testing.  DMgenerator produces a clearly auditable result with a measurable, documented, and repeatable process for protecting personal information.
  • DMcertify – Data security is never a one-time fix.  Changing processes and ongoing development frequently begin to reintroduce personal information into repositories after a data masking exercise has been completed. DMcertify periodically evaluates and recertifies environments to ensure ongoing security, and periodically report on compliance.
  • DMmonitor – Any security plan needs a watchful eye to identify and stop suspicious activity.  DMmonitor continually assesses personal information access, ensuring that only authorized personnel are accessing PHI.  Its alerting mechanisms enable immediate action for security breaches.

Contact us today to find out how DMsuite Data Masking Suite can be meet your data privacy requirements.