Nation's toughest personal info law about to take effect -- Government Computer News - 0 views
-
Businesses that hold personally identifiable information on Massachusetts residents have one month to comply with what security experts are calling the toughest data security requirements in the nation. The Massachusetts Data Breach Law, passed in 2007, goes into effect March 1 and requires personal information in networked systems to be protected with strong encryption, firewalls, antivirus and access controls.
-
The law was written in response to the theft of information on more than 45 million credit card accounts from TJX Companies in 2007
-
The law is designed to ensure “the security and confidentiality of customer information,” based on current industry standards, focusing on threats that can or should be anticipated. The regulations take into account the size of a business, the amount of resources available to it, the amount of personal data held and the sensitivity of the data. It covers paper and electronic records and requires physical and IT security.
- ...1 more annotation...
-
"Businesses that hold personally identifiable information on Massachusetts residents have one month to comply with what security experts are calling the toughest data security requirements in the nation. The Massachusetts Data Breach Law , passed in 2007, goes into effect March 1 and requires personal information in networked systems to be protected with strong encryption, firewalls, antivirus and access controls."