Ascendant Compliance Management, Partnering with you to make compliance a source of strength worldwide

homeconferences and educationconferences and educationservicesteamclientsresourcesemployment with Ascendant Compliance Managementcontact Ascendant Compliance Management

International Conferences
Model Privacy & Information Security Program

By March 1, 2010 any investment adviser or broker dealer with clients or customers residing in Massachusetts must have in place a comprehensive Privacy & Information Security Program pursuant to Massachusetts Regulation 201 CMR 17.00 et. seq.

Ascendant Compliance Management is offering a Model Privacy & Information Security Program based on SEC Federal Regulation S-P 17CFR Part 248, and Massachusetts Regulation 201 CMR 17.00: “Standards for the Protection of Personal Information of Residents of The Commonwealth.” All investment advisers and broker dealers must adhere to Regulation S-P, and investment advisers and brokers should already have in place appropriate procedures accordingly.

The specific creation of a Privacy & Information Security Program, including many of the features included in this model, is not currently enumerated by Regulation S-P. Nevertheless, any investment adviser or broker dealer with clients or customers who are residents of Massachusetts must have a Privacy & Information Security Program in place by March 1, 2010. Many of the provisions of the Model Privacy & Information Security Program are based on the Massachusetts regulation. All provisions related to the encryption of data are specifically required by the Massachusetts Regulation only, and are only specifically required to be applied to the transmission and storage of Nonpublic Personal Information related to Massachusetts residents.

Nevertheless, Ascendant encourages advisers and broker dealers to begin to adopt a program, including encryption of Nonpublic Personal Information, and to apply such practices to all Clients and Customers as possible. Virtually all states have regulatory mandates (commonly referred to as breach notification laws) that Clients and Customers be notified if their Nonpublic Personal Information is part of a data security breach. Businesses generally require expensive legal counsel to determine those notification requirements on a state-by-state basis. Under many state regulations, however, if lost, misplaced or stolen data was encrypted then the regulation does not require the declaration of a security breach and does not require notification.

Buy the MPISP Program and receive access to any archived ComplianceCast of your choice, FREE! This limited time combination offer is a $400 savings. To purchase your Model Privacy & Information Security Program, simply use either of the links below. Once we have received your information we will contact you to initiate an electronic download of the program and archived ComplianceCast of your choice.

Download a purchase form to complete and mail or fax to us
CLICK HERE TO DOWNLOAD >

Purchase online via PayPal
CLICK HERE TO ORDER >



BACK








ascendant news

Our current conference details

philanthropy

Global Compliance, how can our global presence serve your firm?

ASCENDANT COMPLIANCE MANAGEMENT | 860 435 2255 © 2010 Ascendant Compliance Management, Inc. All rights reserved.