Publications

Subscribe

Privacy Compliance 101: Why Massachusetts Data Security Standards DO Affect You

Beginning May 1, 2009, businesses will need to pay more attention to data governance; a higher standard will go into effect in an effort to protect Massachusetts residents' personal information. Companies will now be required to implement written programs for the protection of personal information. The standards, 201 C.M.R. 17.00, set out in detail the standards to be met by persons or businesses who own, license, store, or maintain personal information about a Massachusetts consumer or employee (the "standards"). Noteworthy in the scope of data standards, the standards apply to paper as well as to electronic records.

In this article, published on December 1, 2008 on CIO.com, Mintz Levin attorneys Cynthia Larose and Elissa Flynn-Poppey describe the impact that this new standard will have on companies, and the minimum security measures that must be taken by companies for both written and electronic documents.  The article also details the penalties that companies could face if they fail to comply.

Click here to read the full article.