Achieving Compliance with Massachusetts Data Protection Law

The most comprehensive vertical search directory of enterprise technology solutions, research, reviews and advice to help technology buyers make the best purchasing decisions.

Achieving Compliance with Massachusetts Data Protection Law

from Lumension

View This Now

White Paper

Description:
Massachusetts passed a new law that requires any organization that “owns, licenses, stores, or maintains personal information about a resident of the Commonwealth” to follow a comprehensive set of information security requirements. The new Massachusetts data security law is more strict than past regulations and those of other states, which only required businesses to notify people when personal information was lost.

Lumension White Paper Sample

In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or “sloppy internal handling” of PII1.

To help mitigate the negative impacts of this ID Theft problem, Massachusetts passed a new law that requires any organization that “owns, licenses, stores, or maintains personal information about a resident of the Commonwealth” to follow a comprehensive set of information security requirements.

View This Now

View all resources by Lumension