As previously highlighted in Bingham’s Privacy and Security alerts dated October 31, 2008, November 18, 2008, February 18, 2009, August 19, 2009 and November 5, 2009, the Massachusetts Office of Consumer Affairs and Business Regulation has issued regulations (“Regulations”), codified at 201 CMR 17.00, requiring that persons who “own or license personal information about a resident of the Commonwealth” comply with strict requirements to safeguard such personal information. These new regulations go into effect on Monday, March 1, 2010.
Is YOUR Business Covered by the Regulations?
As we have previously reported, the Regulations require ANY business that “receives, stores, maintains, processes, or otherwise has access to ‘personal information’” (i.e., first name or initial and last name, in conjunction with (1) social security number, (2) driver’s license or state-issued identification number, or (3) financial account or credit/debit card number) about a resident of Massachusetts to:
If you have any questions or concerns as to whether your business complies with these Regulations, please contact one of the lawyers listed below to receive a copy of Bingham’s “Practical Guide to Complying With the New Massachusetts Data Security Regulations.”
To review the full text of the Regulations, click here.
Bingham’s Privacy and Security Group helps companies in a broad range of industries comply with a complex array of data protection and privacy laws, regulations and standards. We have successfully handled numerous major data breach matters in a variety of jurisdictions.