201 CMR 17.00 Finalized – Regulations to Take Effect March 1, 2010

From the Massachusetts Office of Consumer Affairs and Business Regulation:

The  Office of Consumer Affairs and Business Regulation announced that it has filed final regulations that take effect on March 1, 2010. The regulations will help combat many of the vulnerabilities in personal information security that has led to more than 1 million instances of Massachusetts residents’ personal information being exposed in two years.

The regulations focus on protecting personal information by mandating any entity storing or transmitting personal information – a combination of a name along with Social Security number, bank account number, or credit card number – ensure the information be encrypted when stored on portable devices or when transmitted over the Internet.

The new provisions will help combat the loss of personal information, which has included 1,057,560 exposures in the last two years. Gov. Patrick signed an identity theft prevention law that included notification to the Office of Consumer Affairs and Business Regulation of data breaches. In the two years since that provision took effect Oct. 31, 2007, the Office has been notified of 807 breach incidents.


Welsh Consulting is prepared to help you address all aspects of the regulation that pertain to electronic information storage and the management of your computer systems. To learn more about how Welsh Consulting can help you protect your data to comply with the new regulations, pleae give us a call 617-695-9800.

This entry was posted in Information Security and tagged , , , , , , . Bookmark the permalink. Both comments and trackbacks are currently closed.