Achieving Compliance with Massachusetts Data Protection Law
Click here to download now
Overview: In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or “sloppy internal handling” of PII. To help mitigate the negative impacts of this ID Theft problem, Massachusetts passed a new law that requires any organization that “owns, licenses, stores, or maintains personal information about a resident of the Commonwealth” to follow a comprehensive set of information security requirements.