As of 1/30/2024
The CMI Group has successfully completed all of the requirements to be considered a TECH LOCK® Certified Service Provider by being assessed against the following data security standards, regulations, and laws:
- GLBA
- ISO 27002
- Massachusetts 201 CMR 17.00
- Nevada NRS 603A
- PCI DSS 3.2.1
- HIPAA
TECH LOCK® has evaluated The CMI Group and is certifying The CMI Group is compliant with the required controls of the listed laws and data security standards bulleted above. As part of TECH LOCK® Certified Program, The CMI Group is required to inform TECH LOCK® of any significant changes to its environment that impacts validation conditions as laid out within the laws and standards The CMI Group has been certified in. To maintain TECH LOCK® Certified, The CMI Group is required to submit successfully passed ongoing quarterly scans for its systems and provide to TECH LOCK® information regarding any new systems or components that store, process, or transmit confidential, cardholder, or client data. This certificate is valid for NO MORE THAN ONE YEAR from the above date of compliance. This certificate is for sole purpose of identifying the laws or standards reviewed and documented in the TECH LOCK® report.
