Massachusetts Mandates Data Security

On March 1st, 2010 the state of Massachusetts made changes to its data protection law. Known as 201 CMR 17.00, the changes are designed to ease compliance of regulations initially passed in February 2009. For a complete list of changes download the PDF by clicking here. Here are a few highlights:

Specific personal information must be protected: a Massachusetts resident’s first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such resident: (a) Social Security number; (b) driver’s license number or state issued identification card number; or (c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password.

Every service provider that owns or licenses personal information about a resident of the Commonwealth of Massachusetts shall develop, implement, and maintain a comprehensive information security program which must be put into writing.

Data must be encrypted: Encryption of all personal information stored on laptops or other portable devices including backups.

These are just a few of the many important changes in the Massachusetts law. Other states have their own versions to protect data breaches of sensitive data, some can be reviewed here: http://datalossdb.org/primary_sources.

As a worldwide provider of data recovery services, DriveSavers is fully compliant with the laws governing data security in every US state. For information about DriveSavers SAS 70 Type II security audit, HIPAA compliance, encryption and high security data recovery services please visit this webpage.

Tagged as: Hard Drive Recovery

Massachusetts Mandates Data Security

Categories

Data Recovery

Massachusetts Mandates Data Security

Tags

Categories

Data Recovery