Tag Archives: SSAE 16 audit

All Contracts with Vendors Who Handle Personal Information of Massachusetts Residents Must Have Appropriate Safeguards in Place by March 1, 2012

By Theodore J. Kobus III on February 9, 2012 Posted in Enforcement, Information Security

Regulators are focusing more and more on how responsible organizations are when engaging third-party vendors. HIPAA has in place requirements for engaging business associates. The Connecticut Department of Insurance has requirements for reporting breaches caused by vendors. And, the Massachusetts Attorney General, through the Data Security Regulations, requires oversight of third-party service providers. This is … Continue Reading