Trying to predict whether a data security regulation will actually become effective is becoming a bit of a party game. The Federal Trade Commission has had the ball rolling with multiple delays of enforcement of its Red Flag identity theft rules. Now, Massachusetts joins in. With its latest amendments to the Standards for the Protection of Personal Information of Residents of the Commonwealth, 201 CMR 17.00 (the “Regulations”), Massachusetts is giving businesses until March 1, 2010 to come into compliance with security safeguards for personal information of Massachusetts residents.
Please see full publication below for more information.