Written Information Security Program (Wisp) For Protection Of Personal Information Template

ADVERTISEMENT

___________________________, INC.
WRITTEN INFORMATION SECURITY PROGRAM (WISP)
FOR PROTECTION
OF PERSONAL INFORMATION
I.
GENERAL
A. Objective of WISP
The objective of __________________________, Inc. (the “Corporation”), in the
development and implementation of this comprehensive Written Information Security
Program (“WISP”), is to create effective administrative, technical and physical
safeguards for the protection of Personal Information of residents of the Commonwealth
of Massachusetts, and to comply with the Corporation’s obligations under M.G.L. c. 93H,
M.G.L. c. 93I, and 201 CMR 17.00.
The WISP sets forth the Corporation’s procedure for evaluating the Corporation’s
electronic and physical methods of accessing, collecting, storing, using, transmitting, and
protecting Personal Information of residents of the Commonwealth of Massachusetts.
For purposes of this WISP, “Personal Information ” means the following, whether
in paper, electronic or other form:
1. a Massachusetts resident's first name and last name or first initial and
last name;
2. in combination with any one or more of the following data elements
that relate to such resident:
a. Social Security number;
b. driver's license number or state-issued identification card
number;
c. financial account number, or credit or debit card number (with
or without any required security code, access code, personal
identification number or password that would permit access to
a resident’s financial account); or
d. personally identifiable health information.
“Board Member” shall mean a Corporation board of directors member with
access to Personal Information.
B.
Purpose of WISP
The purpose of the Corporation’s WISP is to:
1. ensure the security and confidentiality of Personal Information;

ADVERTISEMENT

00 votes

Related Articles

Related forms

Related Categories

Parent category: Life