CPASecureReg

Massachusetts Mandate Prohibiting Transfer of Information via Email

March 1, 2010

Dear Clients,

James A. George, P.C. has launched a new file sharing process due to the Massachusetts mandate regarding the “standards to be met by persons who own or license personal information about a resident of the Commonwealth of Massachusetts” which came into effect on 3/1/2010.

The regulation applies to those engaged in commerce. More specifically, the regulation affects those who collect and retain personal information in connection with the provision of goods and services or for the purposes of employment.

The regulation, 201 CMR 17.00 Standards for The Protection of Personal Information of Residents of the Commonwealth, defines the minimum standards to be met in connection with the safeguarding of personal information contained in both paper and electronic records. Correspondence between the auditors and clients containing Personally Identifiable Information (PII) can no longer be sent via email.

The intent of the regulation is to prevent identity theft. Whether or not your business is physically located in Massachusetts, or if you store any PII for residents of Massachusetts, you are subject to the regulation. PII is defined as records that contain the first name and last name or first initial and last name plus any of the following: Social Security Number, Driver's License or State-Issued Identification Card Number, Financial Account Number, and/or Credit or Debit Card Number.

James A. George, P.C. has chosen CPA Secure, a secure web file sharing service, to fulfill the new file share mandate.

Thank You for your cooperation,

Your JAGPC Team

Certified Public Accountants and Business Consultants

Headquarters at 401 Edgewater Place, Suite 190, Wakefield, MA 01880 | P 781.245.8200 | F 617.249.1712 | E info@jamesageorgepc.com