Achieving Compliance with Massachusetts Data Protection Law

Jul 06, 2010

Download In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or �sloppy internal handling� of PII. To help mitigate the negative impacts of this ID Theft problem, Massachusetts passed a new law that requires any organization that �owns, licenses, stores, or maintains personal information about a resident of the Commonwealth� to follow a comprehensive set of information security requirements.