CLIENT SPOTLIGHT: Grillo's Pickles

If you haven't been to the Grillo's Pickles website, you should. There, you'll find the fantastic story of how this company began. We've copied part of it here to save you a click.

Grillo's Pickles began with a pickle cart, just a small wooden stand in downtown Boston, where Travis Grillo and his friends would sell two spears for one dollar. Travis would make the pickles by night using his family's 100-year old recipe - one he'd memorized from making pickles every summer as a kid. In the morning, Travis would bike to the Boston Common and set up the cart with his buddies. They'd hang out all day, urging people to try the simple Grillo family pickle. It was a small business but Travis worked hard for it. He made more pickles, biked more miles, and slept less hours than he ever had before.
Read More..

CLIENT SPOTLIGHT: Factory Five Racing

Factory Five Racing was founded in 1995. Over the years they have grown from a start-up business in a small garage to become the world's largest manufacturer of "build-it-yourself" component car kits. They employ a full-time crew of about 40 people, and are located in Wareham, Massachusetts (about an hour south of Boston). They make their products right here in the USA, in the heart of New England where American manufacturing was born.
Read More..

CLIENT SPOTLIGHT: Luca + Danni

Fred and Danny Magnanimi grew up watching their father create beautiful, handcrafted jewelry in the family's Cranston, RI jewelry manufacturing business. When the boys grew up, Fred moved to New York and began working on Wall Street as an investment banker, while younger brother Danny, still enamored by the family business, stayed home. Increased competition from overseas businesses created significant challenges for the business, but Danny was confident he could find a way for the family business to evolve and thrive. This was his mission, this was his passion.
Read More..

PROFESSIONALS

    Services

      Others

        No results found. Please try using a different keyword.
        See all

        What's In Your WISP?

        We routinely recommend to clients that they develop a written information security program (“WISP”), to safeguard sensitive information on a day-to-day basis. In fact, businesses (wherever located) that collect, store or use personal information about a Massachusetts or Rhode Island resident are required legally to develop and maintain a WISP. For purposes of these legal requirements, personal information can be as little as a first name, last name, and the last four digits of a social security number, credit card account number, or bank account number.

        Business leaders need to understand that the WISP is a “program,” not a “policy.” A WISP should describe a system by which one runs the business on a day-to-day basis to safeguard sensitive information. Some clients treat WISPs as policies that they can have drafted, only to then be set aside and never reviewed again. Some businesses have copied a WISP from a form found on the Internet, or a form provided by another company, but have not taken the time to customize it for their business. Other companies want to say they have a WISP, but do not actually make any operational changes to implement the purported security programs described in the WISP. Recent amendments to Massachusetts law make these practices, as well as not having a WISP at all, much more risky.

        Using the Massachusetts rules as an example, there are specific requirements for what your company’s WISP should cover. Some of these include:

        • The scope of the WISP as to what business and what employees (typically all) the WISP applies, and what personal information is collected by the business
        • The identity of the information security coordinator for the company and his or her responsibilities for implementing the WISP, training and reporting to management
        • The company’s information security policies and procedures (the WISP can reference existing policies HR and IP policies, as applicable, and identify any additional policies )
        • The administrative, technical and physical safeguards that the Company has implemented to protect personal information
        • The procedures the Company has implemented to oversee vendors that have access to personal information on the Company’s behalf
        • The penalties/disciplinary actions for violating the WISP
        • The schedule for reviewing and updating the WISP and security measures (at least annually)

        If your business does not have a WISP in place or has not updated its WISP recently, we would be happy to discuss these requirements with you and assist you with your compliance obligations. Please contact Colin A. Coleman, John E. Ottaviani, or Brian Reilly at Partridge Snow & Hahn LLP.

        Related Articles 

        Does Your Company Have a WISP? Have You Updated It Lately?

        Amendments to the Massachusetts Data Breach Notification Law Create Additional Notification and Response Requirements

        How Vulnerable Is Your Business to a Cyber Attack or Data Breach?

        Plan Now to Comply with the New Rhode Island Identity Theft Protection Act