An Order signed by Governor Patrick on September 19, 2008 that recognizes the importance of protecting personal information and specifically outlines how all state agencies in the Executive Branch must address the security and confidentiality of personal information.
Materials for April 2009 EO 504 training presentation to agency ISOs.
A link to a webcast, hosted by Qwest, for CIO's and agency general counsels who could not attend the meetings in person.
A presentation for the Tech-Law Group Training Program given by Linda Hamel, General Counsel for the Information Tech. Division; Stephanie Ziertan, Deputy Gen. Counsel for the Information Tech. Division; and Jenny Hedderman, Deputy Gen. Counsel for the Office of the State Comptroller.
This document outlines mandatory procurement standards and procedures adopted by ITD under the authority granted to it under EO 504.
In order to comply with the contractor certification requirements of Executive Order 504, agencies must require that all vendors executing contracts on or after January 1, 2009 certify compliance with applicable security measures. This resource provides guidance on complying with the certification requirements of Executive Order 504.
The Commonwealth's Standard Contract Form and Instructions will be amended to include certification of compliance; however, until such time as the Standard Contract Form has been amended, agencies that are subject to Executive Order 504 can comply with this obligation by having vendors entering into any new agreements execute this form. Instructions in completing this form can be found under Vendor Certification Requirements.
A tool to assist agencies in complying with Executive Order 504.
The Executive Order 504 ISP/ESP tool is populated by agencies of the Commonwealth in their identification of compliance measures in place or planned which address EO 504 requirements.
A login is required to access this page. This wiki page has contact information and resources available for agencies regarding EO504.