December 02, 2008
Massachusetts - 6 Million People Can't be Wrong
Hey, so have you been keeping up with all the awesomeness going on in Mass? In case you haven't noticed, there's a bunch of new stuff out there. There's 201 CMR 17.00 which requires encryption of personal data of a commonwealth resident no matter where it is. That's pretty awesome, and it's going to blow a hole in traditional IT. After all, how do you know who's a resident of Mass or not? Couldn't someone list their secondary address in your database, but really be a resident of Mass? Sure. Would they be covered by the law? Probably. Nifty, huh? It's the same dilemma that businesses were in relative to SB-1386. And we all know how that shook out.
But what's even cooler than that (or maybe just as cool) is Executive Order 504 that requires specific information security controls, management, and governance from state agencies, and requires certification of contractors to a defined security standard. Again, this ought to shake things up a bit.
I'm really pleased with what's going on just down south of us. Although I'm a little nervous. Here's why:
1) we're heading in to a recession
2) recession means less tax money to the government
3) recession means higher unemployment and higher rate of state-funded programs like unemployment
4) states have to maintain a balanced budget
5) more technical controls means more IT spending at the expense of services-spending
I'm not sure that this is the perfect time for what Mass is up to - but I'm really interested to see how it'll shake out.
Posted by Ed at December 2, 2008 04:15 PM | TrackBack