CMR Compliance

C MR Requirements

Are You a Massachusetts Business Managing Personally Identifiable Information?

All Massachusetts businesses are subject to the Commonwealth of Massachusetts Requirements outlined in 201 CMR 17. This regulation requires all organizations who store or manage personally identifiable information, to possess a written, regularly audited action plan protecting personal information. TSI’s security experts help Identify the gaps in their security strategy by conducting risk assessments that assist businesses in safeguarding data and identifying areas of noncompliance.

G uide to CMR 17.00 Compliance

Standards For The Protection Of Personal Information

Massachusetts sets a strict benchmark for consumer protection, serving as a model for many other states. According to 201 CMR 17.00, any company holding or licensing personal data of Massachusetts residents must promptly inform the Office of Consumer Affairs & Business Regulation, along with the Office of the Attorney General and the affected individuals, upon suspicion of a security breach. Learn how you must respond in the case of a breach below.

A Detailed Description

Inform Users of What Happened

A detailed description of the nature and circumstances of the breach of security or unauthorized acquisition or use of personal information.

Who Was Impacted

Is Law Enforcement Involved?

The total number of Massachusetts residents affected as of the time of notification, as well as information regarding whether law enforcement is engaged investigating the incident.

Steps Taken/to Take

How You'll Resolve Things

You must also include information on the steps already taken relative to the incident, as well as any steps you intend to take relative to the incident after notification.

C MR Compliance FAQ

Get Your Questions Answered by IT Professionals

What Our Clients Are Saying


“There is just too much information to make clear informed IT decisions that are best for your business. Technical Support International’s cloud specialists helped navigate through the abyss of buzzwords and tech-centric concepts to help our business become more efficient and reduce IT capital expenditures. TSI’s ability to outline and explain the variety of available options helped solidify our decision to move to the cloud. I came out of the experience truly appreciating TSI’s approach."

Investment Group / Hyannis, MA

Learn More About CMR Compliance and Get Started

Whether you're sourcing a new IT service provider, looking for an expert cyber security firm, or you just want to make sure your network is in order and would like an outside party to take look, we'd be happy to hear from you. Get started with a CMR audit today.

Call us at (508)-543-6979 or click the button below to request a call back from a representative at TSI.