Additional Guidance on the Massachusetts Privacy Regulations

The Massachusetts Office of Consumer Affairs and Business Regulation has provided guidance regarding its new regulations requiring all entities that own, license, store or maintain personal information about a resident of the Commonwealth of Massachusetts to develop, implement and maintain a comprehensive written information security program and make specific computer information security requirements. I mentioned the regulations, which have a January 1, 2009 compliance date, previously: New Massachusetts Privacy Laws, Privacy and Security Alert: Massachusetts Has New Data Security Regulations, Massachusetts Regulations to Mandate Comprehensive Information Security Requirements.

The newly issued guidance consists of the following:

One Comment