In Advance of New Massachusetts Privacy Law, Liquid Machines Offers Enterprise-Class Security Software to Mom-and-Pop Businesses

runs on HR Knowledge’s servers rather than the end users’ own machines, as at Liquid Machines’ larger clients. The system adds control functions called “droplets” to programs such as Microsoft Office and Adobe Acrobat; these droplets allow administrators to set up policies determining who can read, edit, or print business files. HR Knowledge consultants help users learn the system, set up the appropriate policies, and produce the documentation required for compliance.

The service is priced at $125 per user per month, plus a one-time setup fee. A typical small company, Garr says, would have only one or two users, such as the bookkeeper or office manager. For a company on the scale of Xconomy—with about 10 employees—the yearly charges would come to around $3,000, he says. (Perhaps not coincidentally, that’s exactly in line with OCABR’s estimates for the average cost of complying with the new privacy laws.)

Liquid Machines 'droplet'Ironically, Garr says HR Knowledge never really wanted to get into the software business. “We are an HR company, not an IT company,” he says. “Our job is to make sure that our clients are compliant, and up to now, compliance has meant things like having a sexual harassment policy and hiring and terminating employees properly. But with this new law, HR also means protecting electronic and hard-copy information about employees, and that’s really a key motivating factor for us. This is something we have to do to protect our clients.”

Companies have another nine months to comply with 201 CMR 17.00, and getting a new company up and running on Liquid Machines’ software only takes 8 to 12 hours of on-site training, Garr says. But he wouldn’t recommend putting compliance off, the way the state keeps doing by moving back the deadline. “Knowing what we know about what can happen if this personal information gets out,” says Garr, “I think it’s in everyone’s best interest to handle it now.”

Update, March 31, 2009: Utimaco, the Foxborough, MA- and Oberursel, Germany-based security company featured in my December story on the Massachusetts reguilations, today unveiled a nifty Compliance and Regulation Portal on the Web. It’s full of resources on how businesses can comply with shifting legal regulations concerning the privacy of personal data.

Pages: Page 1, Page 2

Author: Wade Roush

Between 2007 and 2014, I was a staff editor for Xconomy in Boston and San Francisco. Since 2008 I've been writing a weekly opinion/review column called VOX: The Voice of Xperience. (From 2008 to 2013 the column was known as World Wide Wade.) I've been writing about science and technology professionally since 1994. Before joining Xconomy in 2007, I was a staff member at MIT’s Technology Review from 2001 to 2006, serving as senior editor, San Francisco bureau chief, and executive editor of TechnologyReview.com. Before that, I was the Boston bureau reporter for Science, managing editor of supercomputing publications at NASA Ames Research Center, and Web editor at e-book pioneer NuvoMedia. I have a B.A. in the history of science from Harvard College and a PhD in the history and social study of science and technology from MIT. I've published articles in Science, Technology Review, IEEE Spectrum, Encyclopaedia Brittanica, Technology and Culture, Alaska Airlines Magazine, and World Business, and I've been a guest of NPR, CNN, CNBC, NECN, WGBH and the PBS NewsHour. I'm a frequent conference participant and enjoy opportunities to moderate panel discussions and on-stage chats. My personal site: waderoush.com My social media coordinates: Twitter: @wroush Facebook: facebook.com/wade.roush LinkedIn: linkedin.com/in/waderoush Google+ : google.com/+WadeRoush YouTube: youtube.com/wroush1967 Flickr: flickr.com/photos/wroush/ Pinterest: pinterest.com/waderoush/