Skip to content
DWT logo
People Expertise Insights
About Locations Careers
Search
People
Expertise
Insights
About
Locations
Careers
Search
Advisories
Privacy & Security

Businesses Given More Time to Comply with New Massachusetts Data Security Regulations

By  Randy Gainer and John D. Seiver
June 2009
Share
Print this page

In a press release issued Nov. 14, 2008, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) extended the deadline for complying with its new regulations specifying how businesses must protect personal information about Massachusetts residents.

As we described in our September 2008 advisory, the regulations, 201 CMR 17.00, require businesses that store or process information about Massachusetts residents to encrypt documents sent over wireless networks and the Internet, to encrypt documents stored on laptops and other devices, to use firewalls and other security measures to protect the data, and to ensure that their service providers have the capacity to keep the data secure. The regulations had been scheduled to take effect Jan. 1, 2009.

Businesses have reported difficulty meeting the deadlines to encrypt information and to verify the capacity of their service providers to keep all information about Massachusetts residents secure.

The Massachusetts OCABR extended the deadline to comply with the regulations generally to May 1, 2009, the same (extended) effective date for the Federal Trade Commission's identity theft “Red Flag” rules. OCABR extended the deadline to encrypt data on PDAs, USB drives, and similar devices other than laptops to Jan. 1, 2010. OCABR also delayed to Jan. 1, 2010 the deadline for businesses to obtain written certification from their service providers that the service providers will protect information about Massachusetts residents in accordance with the new rules.

We are available to provide further information about the Massachusetts regulations, OCABR's postponement of the deadlines, or identity theft rules and issues generally.

Related Articles

DWT logo
©1996-2022 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Prior results do not guarantee a similar outcome.
NAVIGATE
Home People Expertise Insights
About Locations Careers Events Blogs
STAY CONNECTED

Subscribe to stay informed.

Subscribe
Employees
DWT Collaborate
EEO
Affiliations
Legal notices
Privacy policy
©1996-2022 Davis Wright Tremaine LLP. ALL RIGHTS RESERVED. Attorney Advertising. Prior results do not guarantee a similar outcome.
Close
Close

CAUTION - Before you proceed, please note: By clicking “accept” you agree that our review of the information contained in your e-mail and any attachments will not create an attorney-client relationship, and will not prevent any lawyer in our firm from representing a party in any matter where that information is relevant, even if you submitted the information in good faith to retain us.