On February 12, 2009, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) amended the Commonwealth’s Data Security Regulations (201 C.M.R. 17.00) (the “Regulations”). The Regulations mandate that any entity that stores personal information (a combination of name and Social Security number, bank account number, or credit card number) of Massachusetts residents must encrypt the information when the information is stored on portable devices, or transmitted wirelessly or on public networks. For a detailed description of compliance standards, see our previous alerts (January 22, 2008, October 2, 2008, October 31, 2008, and January 30, 2009).
Please see full alert for more information.
Please see full publication below for more information.