As many of our customers already know, Massachusetts 201 CMR 17.00 (CMR 17), arguably the most comprehensive state data privacy law went into effect on March 1^st. The law requires the development and regular audit of plans for protecting personal information of Massachusetts residents by companies and individuals who store and use this information.

CMR 17 Data Compliance for a Massachusetts Staffing Firm
I spoke with a Massachusetts based staffing company with multiple offices across the state. They sponsor many contractors who from time to time request direct deposit. In the past, the contractor would email their name, social security and bank account numbers to their recruiter who could be located in the field or one of their many offices. The recruiter in turn would email this information to payroll to setup their direct deposit. CMR 17’s technology requirements call for the encryption of data during transmission as well as any data on mobile devices such as laptops and PDAs. Their concern, which was valid, was that by emailing this information they were not encrypting the personal information in transmission. They had to find a solution that was both secure and easy to use.

LeapFILE for Sending Data Securely and Meeting Data Privacy Laws
With LeapFILE, contractors are now directed to the staffing firm’s branded exchange site where they can easily send their direct deposit form directly to payroll or their recruiters. With little to no training required, the recruiters can also send information securely between themselves, other contractors, candidates, offices, etc, all while staying in compliance of one of the most comprehensive data privacy laws in the country. End result, the staffing company is compliant, their recruiters are happy, their contractors are happy, problem solved.