In September 2008, Massachusetts enacted a sweeping new privacy law to protect the personal information of Massachusetts residents that went into effect on March 1, 2010. If you do business with residents of Massachusetts or have employees that reside in Massachusetts, you must comply.
The Massachusetts law is the first in the nation to require specific technology when protecting personal information. Both "data at rest" and "data in transit" over a public network, such as the Internet, that contain personal information must be encrypted.
Personal information is defined as a Massachusetts resident's name in combination with one of the following – with or without a security code, access code, PIN, or password that would permit access to a resident’s financial account:
This new legislation affects all organizations who own or license personal information of Massachusetts residents – regardless of the size or location of the business. And, organizations must require and oversee that third-party service providers with access to personal information also comply with the new law. Organizations affected include:
Download a complete copy of the Massachusetts Privacy Law and the 201 CMR 17.00 FAQ from the Massachusetts OCABR to assess the impact on your organization.
If you are a small business, review the small business checklist published by the Massachusetts Office of Consumer Affairs and Business Regulation (OCBAR) and the Small Business Guide for Formulating a Comprehensive Written Information Security Program.
Join a discussion group on LinkedIn between vendors and organizations that need to comply with the new standard.
Coviant Software offers a suite of managed file transfer products that encrypt your data before, during, and after transit. Download a Massachusetts Privacy Law Solution Brief or click below to start a free trial of Basic Edition, Standard Edition, or Enterprise Edition now. Or, contact us at 781.210.3310 for more information or to request a quote.
Have a question? Learn more about the free trial »
Diplomat Managed File Transfer software may NOT be downloaded or otherwise exported or re-exported to any parties in Cuba, Iran, North Korea, Sudan, or Syria. You agree not to directly or indirectly export or re-export (including by transmission) Diplomat Managed File Transfer software to any parties in the above countries without first obtaining any required export license or governmental approval.
By downloading or using Diplomat Managed File Transfer software, you are agreeing to the foregoing and you are representing and warranting that you are not located in and are not a national or resident of Cuba, Iran, North Korea, Sudan, or Syria.
DIPLOMAT MANAGED FILE TRANSFER SOFTWARE CONTAINS ENCRYPTION TECHNOLOGY THAT IS CONTROLLED FOR EXPORT BY THE U.S. BUREAU OF INDUSTRY AND SECURITY UNDER THE EXPORT ADMINISTRATION REGULATIONS. IN ADDITION TO OTHER RESTRICTIONS DESCRIBED IN THIS DOCUMENT AND THE DIPLOMAT MANAGED FILE TRANSFER LICENSE AGREEMENT, YOU MAY NOT USE DIPLOMAT TRANSACTION MANAGER, OR EXPORT DIPLOMAT MANAGED FILE TRANSFER TO ANY PARTY WHERE YOU KNOW, OR HAVE GOOD REASON TO BELIEVE, THAT DIPLOMAT MANAGED FILE TRANSFER MAY BE USED IN CONNECTION WITH THE PROLIFERATION OF NUCLEAR, CHEMICAL OR BIOLOGICAL WEAPONS OR MISSILES.
Diplomat Managed File Transfer software is classified under ECCN 5D992B.1 with CCATS # G049200 as of June 14, 2006 which authorizes these products for export and re-export under Section 742.15 (B) (2) of the Export Administration Regulations (“Review Requirement for Mass Market Encryption Commodities and Software Exceeding 64 Bits”).
Don't know which product to try? Get a recommendation »