Written Information Security Program (WISP) For Protection Of Personal Information Template Page 2

2. protect against threats or hazards to the security or integrity of such
information; and
3. protect against unauthorized access to or use of such information in a
manner that creates a substantial risk of identity theft or fraud.
C. Scope of WISP
In formulating and implementing the Corporation’s WISP, the intended scope is
to do the following:
1. identify reasonably foreseeable internal and external risks to the
security, confidentiality, and/or integrity of any electronic, paper or
other records containing Personal Information;
2. assess the likelihood and potential damage of these threats, taking into
consideration the sensitivity of the Personal Information;
3. evaluate the sufficiency of existing policies, procedures, customer
information systems, and other safeguards in place to control risks;
4. design and implement a WISP that puts safeguards in place to
minimize those risks, consistent with the requirements of 201 CMR
17.00; and
5. regularly monitor the effectiveness of those safeguards.
D. Data Security Coordinator:
The Corporation has designated the Executive Director to be the Corporation’s Data
Security Coordinator. He or she will be responsible for implementing, supervising and
maintaining the Corporation’s WISP, including:
1. initial implementation of the Corporation’s WISP;
2. training of the following persons regarding the Corporation’s WISP
and Personal Information security: (a) all employees; (b) Board
Members (see Part I.A on page one for definition of “Board
Member”);
(c) independent contractors with access to Personal Information; and
(d) any other person involved with the Corporation who has or will
have access to Personal Information;
3. regular testing of the WISP’s safeguards;
4. evaluating the ability of each of the Corporation’s third party service
providers to implement and maintain appropriate Personal Information
security measures for the Personal Information to which the
Corporation has permitted them access, consistent with 201 CMR
17.00, and requiring such third party service providers by contract to
implement and maintain appropriate Personal Information security
measures;
5. reviewing the scope of the Personal Information security measures in
the WISP at least annually, or whenever there is a material change in