The Massachusetts Department of Consumer Affairs and Business Regulation have extended the deadline for compliance with 201 CMR 17.00: Business Community Given Additional Time to Comply with Identity Theft Prevention Regulations.
The regulations were orginally set to take effect on January 1, 2009. That deadline has been extended to May 1, 2009. The deadlines for certification from third party providers and ensuring encryption of laptops have been extended to January 1, 2010.
See previous posts: