201 CMR 17.00

Meet 201 CMR 17.00 Audit Requirements

Massachusetts General Law Chapter 93H regulation 201 CMR 17.00 was developed to safeguard personal information of residents of the Commonwealth of Massachusetts. This regulation applies to all organizations (companies or persons) that own or license personal information about Massachusetts residents.

To be compliant with 201 CMR 17.00, all affected organizations must develop, implement and maintain an auditable comprehensive written information security program, containing administrative, technical and physical safeguards.

201 CMR

Ready to Learn More?

Learn more about the LogRhythm Automation Suite for 201 CMR 17.00 Compliance, download the white paper.

Automate Log Collectin, Archiving and Recovery

Improve your organization’s overall security and compliance posture with LogRhythm. You’ll be able to fully automate log collection, archiving and recovery across your entire infrastructure.

The LogRhythm NextGen SIEM Platform automatically performs log data categorization, identification and normalization to make analysis and reporting easy. Your analysts will receive notifications to clearly identify the most critical events through powerful alarming capabilities.

LogRhythm’s extensive support for both commercial and custom applications gives you comprehensive and efficient collection, processing, review and reporting of log sources specified in 201 CMR security requirements.


Protect Your Customers Data by Monitoring Information Systems and Applications in Real Time

With AI Engine, alarms, forensic investigations, reporting and tails, your team will get immediate notification and analysis of conditions that impact your organization’s customer data. With this information at your fingertips, you’ll be able to identify areas of non-compliance in real time.



Trusted by the Best