Welcome

> HOME
> COMPUTER CONSULTING
> COMPUTER DISPOSAL
> COMPUTER & PC REPAIR
> CONTACT US
> DATA RECOVERY
> IT SERVICES
> LAPTOP REPAIR
> LAPTOP DC JACK REPAIR
> SERVER REPAIR
> SALES
> SERVICES
> SPARE PARTS
> DOCUMENT CONTAINER
> WEB DESIGN
> SITEMAP
> MASS DATA LAW

Phone: (508) 987-1730

Toll free: 1-877-277-3879

 

massachusetts data law, data breach laws ma, data laws in masachusetts

massachusetts data law, data breach laws ma, data laws in masachusetts

 

COMPUTER WAREHOUSE - ARS

"New England's Computer Repair & IT Solutions Professionals"

~Your Full Service Business & Home Technology Solutions Provider~

~ Our quality people do make a difference! ~

Massachusetts passed a data protection law that is arguably one of the most stringent in the nation. 201 CMR 17.00 mandates that “every person who owns, licenses, stores or maintains personal information about a resident of the Commonwealth [of Massachusetts] shall be in full compliance with 201 CMR 17.00” by the deadline of January 1, 2010.

It requires all persons and businesses with personal information to have an adequate protective system in place to prevent unauthorized access to personal information, firewall and malware protection for the computer systems, as well as encryption for all data containing personal information transmitted through the public network or wirelessly.

What are the requirements?

According to the definitions in 201 CMR 17.02, personal information is a Massachusetts resident’s first name or first initial and last name in combination with any one of more of the following data related to the person: social security number, driver’s license number or state-issued identification card number, financial account number, credit or debit card number with or without any required security or access code or password that would permit access to financial information.

The law requires adequate computer system security measures to protect personal data, as described in section 17.04:

1. Secure user authentication protocols

 

2. Secure access control measure

 

3. Encryption of all transmitted records and files containing personal information that will travel across     public networks or wirelessly

 

4. Monitoring system for any unauthorized use

 

5. Encryption for all personal information stored on laptops or portable devices

 

6. Up to date firewall protection for the operating systems

 

7. Malware protection updated on a regular basis

 

8. Education and training of employees on proper use of the system and the importance of personal information security

For details and full text of the law, see here.