Goodwin Procter has published a client alert describing the amendments to the Massachusetts Data Privacy Law (my posts on this topic). They detail three changes. First is pushing bck the complaince deadline to January 1, 2010. Second, theyhave lifted some of the contract amendments and certifications from vendors. Third, they clarified the wireless encryption requirement….
Tag: Mass. Data Privacy Law
Massachusetts Amends and Extends Its Data Privacy Law
According to this press release from the Massachusetts Office of Consumer Affairs and Business Regulation, they have once again extended the deadline for complying the with the regulations. Now the regulations will take effect Jan. 1, 2010. I have not had a chance to analyze the differences yet, but here are the amended regulations under…
Decoding the Science of Compliance — Are you Ready for 201 CMR 17.00?
Compliance Week broadcast a webcast on the new Massachusetts data privacy regulations: Decoding the Science of Compliance — Are you Ready for 201 CMR 17.00? (and sponsored by Iron Mountain). Garry Watzke, Esq., Senior Vice President Legal & Business Development at Iron Mountain, Inc. started with the basics which I have noted in several other…
Bingham Presentation on Massachusetts Data Security Law
Bingham McCuthen LLP put together a panel presentation on the Complying with Massachusetts New Data Security Regulations. Mark Robinson, a partner at Bingham, started with an introduction of the law and panel. He called the law “perilous.” Beth Boland, a partner at Bingham, went through the requirements of the new law. OCBR and the business…
Data Privacy Roundtable
Deloitte hosted an executive roundtable on Massachusetts Data Protection. The room was packed full of us trying to figure what to do with these regulations. Mark Schreiber of Edwards Angell Palmer & Dodge kicked things off with a look at the history of the regulation and the regulators view of the regulations. The regulators acknowledge…
Public Hearing on Massachusetts Data Privacy Regulations
The Massachusetts Office of Consumer Affairs and Business has published a Notice of Public Hearing on 201 CMR 17.00, Standards for the Protection of Personal Information of Residents of the Commonwealth. (.pdf) The hearing is on Friday, January 16, 2009 at 2:00 pm in Room No. 5-6, Second Floor of the Transportation Building, 10 Park…
Additional Time to Comply with Identity Theft Prevention Regulations
The Massachusetts Department of Consumer Affairs and Business Regulation have extended the deadline for compliance with 201 CMR 17.00: Business Community Given Additional Time to Comply with Identity Theft Prevention Regulations. The regulations were orginally set to take effect on January 1, 2009. That deadline has been extended to May 1, 2009. The deadlines for…
New Data Security Regulations Have Sweeping Implications For Massachusetts Businesses
A white paper written by Joe Laferrera of Gesmer Updegrove LLP New Data Security Regulations Have Sweeping Implications For Massachusetts Businesses (.pdf) provides a great analysis of the new Massachusetts Data Privacy Regulations, their impact and how to deal with them. These are my prior posts on the new Massachusetts Data Privacy Regulations: Computer System…
Computer System Requirements for New Massachusetts Privacy Regulations
As discussed in earlier alerts (Additional Guidance on the Massachusetts Privacy Regulations, Privacy and Security Alert: Massachusetts Has New Data Security Regulations and New Massachusetts Privacy Laws), starting on January 1, 2009, businesses will be held to a higher standard regarding the protection of Massachusetts residents’ personal information. The regulations set out in detail the…
Additional Guidance on the Massachusetts Privacy Regulations
The Massachusetts Office of Consumer Affairs and Business Regulation has provided guidance regarding its new regulations requiring all entities that own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts to develop, implement and maintain a comprehensive written information security program and make specific computer information security requirements. I mentioned…