The first user group I found when I landed in IT was SNENUG (sounds like a Dr. Seuss character, but it isn't), the Southern New England Network Users Group. Not a big group, but an very active and helpful bunch of IT folks who welcomed me into the fraternity of admins. SNENUG meets in the Providence, RI area, their current meeting place is New England Institute of Technology. I don't get to their meetings as often as I would like anymore, but I will be there on Wednesday night...
I'll be giving my presentation on Mass 201 CMR 17.00, updated a bit to reflect the final changes to the regulations. Here are a few updated links for 201 CMR 17.00 information:
The Massachusetts Office of Consumer Affairs and Business Regulation's site is http://www.mass.gov/?pageID=ocahomepage&L=1&L0=Home&sid=Eoca and their Businesses Identity Theft page is the hub for official information on the topic: http://www.mass.gov/?pageID=ocatopic&L=3&L0=Home&L1=Business&L2=Identity+Theft&sid=Eoca
PDF reference documents:
The current (amended) 201CMR17.00 regulations [Please read this yourself before listening to any "experts",
even especially me]
Three-page Compliance Checklist [Not comprehensive, but really pretty good]
Small Business Guide [This one is still a bit problematic, doesn't quite line up with common sense or the regulations in some places- but still worth a look]