Tag Archives: Massachusetts

Notable challenges from the updated Massachusetts data breach notification law

The update to the existing Massachusetts data breach notification statute (set to go into effect on April 11, 2019) introduces novel requirements for notices to both affected individuals and regulators and requires credit monitoring services to be offered in some instances for at least 18 months. The legislation updates the statute in a number of … Continue Reading

Massachusetts Attorney General announces new data breach reporting tool and database

Massachusetts Attorney General (AG) Maura Healey has announced that the state will offer an online portal where businesses can more easily report that they have experienced a data breach. Massachusetts will also offer consumers an electronic database to view reported breaches, similar to the online repositories operated by California, Maryland and other states. Affected companies … Continue Reading

Changes in State Data Privacy Laws to Become Effective Soon

This post was also written by Frederick Lah. We previously reported on Texas House Bill 300 that was signed into law last year.  The new law presents stricter requirements for health privacy and data breach notification obligations.  That law is set to become effective September 1, 2012.  Two types of entities will be primarily affected by the law: “Covered … Continue Reading

Massachusetts Data Protection Regulations: March 1, 2012 Deadline for Service Provider Contracts

This post was also written by John L. Hines, Jr., Amy S. Mushahwar and Frederick Lah. The Massachusetts Data Protection Regulations, 201 C.M.R. 17.00, (“Massachusetts Regulations”) establish minimum standards to be met in connection with safeguarding the personal information of Massachusetts residents. Personal information is defined as a resident’s first name and last name or … Continue Reading
LexBlog